The participants overwhelmingly answered that exchanging threat intelligence could have prevented recent cyberattacks and the traditional ways of sharing threat intelligence are insufficient.
“What was clear in our findings is that businesses and government agencies know that exchanging cyber threat intelligence will help secure the Internet more so than any other method or technology,” said Larry Ponemon, Chairman and Founder of the Ponemon Institute. “Yet what is really confounding is that while most of the people participating in the survey are clearly sharing cyberattack information, they know they aren’t doing it correctly or effectively.”
Other key findings in the survey include:
- Only 30 percent of respondents said they are very satisfied or satisfied in the way their organization is able to obtain threat intelligence. The primary reasons for dissatisfaction include the information is not timely, not categorized according to threat type or attacker and too complicated to ensure ease and speed of use.
- Despite 69 percent of respondents saying threat intelligence becomes stale within seconds or minutes, more than half said they receive information in increments of days, weeks or even months.
- Fifty-four percent of survey participants said they receive threat intelligence by phone, email or in-person. But they noted that current methods for sharing intelligence are slow, unreliable and unsecure.
- Sixty-two percent said current collaboration efforts are constrained by operating in a silo—such as by industry, geography or community.
- Sixty-seven percent of respondents approve of a real-time machine-to-machine way to exchange intelligence.
"As an industry, we must find ways to encourage more machine-to-machine sharing and break out of the existing silos, or the bad guys will continue to beat us with their more effective and broader methods of exchanging intelligence," Rasmussen added.