Threat Intelligence Today
Collecting, Analyzing, and Monitoring Enterprise Security Information
You're likely swimming in security data, but what are the best tools and practices for analyzing it all? How can you use data to uncover compromises or targeted attacks? The answer is threat intelligence, which we define as the collection and analysis of information about existing and emerging threats to information assets -- it's used to inform decisions on how best to respond to and mitigate these threats.
Among the 397 respondents to our InformationWeek and Dark Reading Threat Intelligence Survey, 85% say this intel plays some role in their IT security strategies. Among the 337 respondents using threat intelligence:
>> 75% cite vulnerabilities exploited when asked what they attempt to identify through data analysis; 58% try to pinpoint the source of attacks.
>> 61% consider their programs a good value for the money; 12% say their program is "worth its weight in gold."
>> 51% subscribe to two or more third-party security intelligence feeds; 10% leverage five or more.
>> 22% run ad hoc queries against their data on a daily basis vs. 14% who check in only monthly. That's a long time in this age of fast-moving events.
In this report, we explain how to get the most out of threat intelligence efforts and best benefit from the data you already have to understand the threats your organization faces.
Respondent breakdown: 31% have 5,000 or more employees; 20% are over 10,000. Financial services, government, and education are well represented, and 26% have "security" in their job titles. An additional 14% are IT director/manager or executive management (C-level/VP) level. (R8040814)
Survey Name Dark Reading Threat Intelligence Survey
Survey Date June 2014
Region North America
Number of Respondents 397
Purpose To examine the impact threat intelligence has on IT security strategy
Methodology Dark Reading, in partnership with InformationWeek, surveyed business technology decision-makers at North American companies. The survey was conducted online, and respondents were recruited via an email invitation containing an embedded link to the survey. The email invitation was sent to qualified Dark Reading and InformationWeek subscribers.