Threat Intelligence

6/15/2017
02:15 PM
50%
50%

Most Organizations Not Satisfied with Threat Intelligence

Information Security Forum survey finds just one quarter of companies surveyed say threat intelligence technology is delivering on its promise.

With an eye toward gaining intel about attacks from adversaries, the vast majority of companies have threat intelligence in place but only a quarter are achieving the desired business goal, according to a report released today by the Information Security Forum (ISF).

As a result, the ISF offers up nine steps to help companies achieve their goals and sidestep five of the most common problems in hitting the mark. The ISF Threat Intelligence: React and Prepare report notes that 82% of its members surveyed have threat intelligence capabilities, but only 25% are satisfied with the results.

One problem includes a lack of a single definition of threat intelligence, another is finding people with skills to identify the threats and analyze the impact to business. Another issue: integrating threat intelligence into the way a company makes decisions, the report found.

In identifying the steps needed to help companies manage their threat intelligence capabilities, ISF offers up these nine recommendations: develop a prioritized list of threat intelligence requirements; select sources to support threat intelligence analysis; process information from sources; analyze the information; share the intel with the user; make a decision; take action; and circle back with a review and revise strategy, the report advises.

Read more about the ISF report here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Data Privacy Careers Are Helping to Close the IT Gender Gap
Dana Simberkoff, Chief Compliance and Risk Management Officer, AvePoint, Inc,  8/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15601
PUBLISHED: 2018-08-21
apps/filemanager/handlers/upload/drop.php in Elefant CMS 2.0.3 performs a urldecode step too late in the "Cannot upload executable files" protection mechanism.
CVE-2018-15603
PUBLISHED: 2018-08-21
An issue was discovered in Victor CMS through 2018-05-10. There is XSS via the Author field of the "Leave a Comment" screen.
CVE-2018-15598
PUBLISHED: 2018-08-21
Containous Traefik 1.6.x before 1.6.6, when --api is used, exposes the configuration and secret if authentication is missing and the API's port is publicly reachable.
CVE-2018-15599
PUBLISHED: 2018-08-21
The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codebase.
CVE-2018-0501
PUBLISHED: 2018-08-21
The mirror:// method implementation in Advanced Package Tool (APT) 1.6.x before 1.6.4 and 1.7.x before 1.7.0~alpha3 mishandles gpg signature verification for the InRelease file of a fallback mirror, aka mirrorfail.