Cyber threat intelligence improves prevention, detection, and response capabilities

81 per cent of cybersecurity pros agree

As cyber attacks and attackers become more blatant and pervasive each year, a new SANS Institute report, in conjunction with DomainTools, shows organizations around the globe are turning towards Cyber Threat Intelligence (CTI) to detect, respond, and ultimately prevent attacks.

Results show adoption of CTI programs has steadily grown, with 68 per cent of organizations currently creating or consuming CTI data and 22 per cent having plans to do so in the future. Additionally, more respondents than ever before are finding CTI programs are helping improve overall cybersecurity posture, with the rate climbing to 81 per cent this year, compared to 78 per cent in 2017 and 64 per cent in 2016.

According to the report, some of the most popular security operations tasks that CTI programs support include detecting threats (79%), incident response (71%), blocking threats (70%) and threat hunting (62%). Many of the survey responses indicate that the increased emphasis on CTI and threat intelligence sharing was key in allowing operations teams to quickly search for existing compromises and proactively block access from external clients.

“Despite the onslaught of new threats that have been waged this past year, the SANS survey findings reflect threat intelligence platforms and programs are improving overall prevention, detection, and response efforts,” said Tim Helming, Director of Product Management of DomainTools. “Cyber threat intelligence is such an effective and important part of security operations because it converts an organization’s general posture from a reactive to proactive mindset, which gets teams beyond the ‘if’ something will happen to ‘when something happens, we are ready for it.’”

Social Bookmarks