Threat Intelligence

What it takes to implement an effective threat intelligence program

Imagine that you’ve been tasked with investigating a dense cave system to see if there are dangers inside, but when you ask for a light source or a map to help you navigate through the darkness, you’re told those aren’t available. Good luck?   

Unfortunately, that scenario isn’t so far removed from what many IT security professionals experience on a daily basis when it comes to investigating cyberattacks and vulnerabilities. 

According to a recent study by CyberRisk Alliance, just 39% of IT decision-makers work in organizations where threat intelligence is used to prevent or mitigate attacks.

For every 10 security teams, in other words, about six lack access to a disciplined methodology to help make sense of what’s lurking on their attack surface. 

Fortunately, that’s not the end of the story. Fifty-five percent of respondents said there are plans to build a threat intelligence program in the next 12 months. But what does that building process look like? Moreover, what do organizations need to pull it off effectively when resources are few and far between? 

Focal points for building an effective threat intelligence program

The CRA survey asked respondents what they think their organization “needs the most help with in order to effectively implement a threat intelligence program.” Below, we’ve included their top recommendations and challenge areas they believe merit special attention in the months ahead.

For more insights on how IT security leaders are planning their threat intelligence agenda for 2024, download the full survey report here.

Daniel Thomas

Daniel Thomas is a technology writer, researcher, and content producer for CyberRisk Alliance. He has over a decade of experience writing on the most critical topics of interest for the cybersecurity community, including cloud computing, artificial intelligence and machine learning, data analytics, threat hunting, automation, IAM, and digital security policies. He previously served as a senior editor for Defense News, and as the director of research for GovExec News in Washington, D.C.. 

Related

Extensive Israeli police breach alleged by Iran-linked hackers

Purportedly included in the exfiltrated information were officers' personal details and photos, gun licenses, email addresses, suspects' and criminals' personal data, sex offender employment permit details, and other classified documents, according to Handala, which also alleged the compromise of Israeli Ministry of National Security servers.

Microsoft IIS servers targeted for malware deployment

Attacks — which are believed to have been conducted by Group 9-linked Chinese hacking operation DragonRank — involved payloads with SEO fraud and malicious JavaScript code injections resembling those utilized by Group 11, according to an analysis from Trend Micro.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Account HarvestingBlack HatDNS SpoofingDeauthentication AttackDictionary AttackDistributed ScansDomain HijackingDumpSecHybrid AttackReconnaissance

You can skip this ad in 5 seconds