Light Dark
November 7, 2016 By Larry Loeb 2 min read

A recent Ponemon Institute report, sponsored by Anomali, titled “The Value of Threat Intelligence,” addressed how organizations use threat information. The study looked at the benefits of this technology and the challenges of integrating it with existing security platforms and solutions.

Valuable Insight

The study suggested that companies value threat intelligence highly, since 77 percent of respondents described it as essential to their organization’s overall security mission. Virtually the same number (78 percent) indicated that a strong cybersecurity posture is a top concern, and another 57 percent noted that it would drive IT decision-making. Only 46 percent of respondents, however, said their IT teams used threat data to decide how to respond to threats.

Additionally, 70 percent of survey participants said their organization struggle to take action based on threat intelligence because the volume is overwhelming or too complex. Just 32 percent said their company’s IT professionals refer to this kind of data to inform senior executives about cyberthreats.

Threat Analysts Wanted

The objective of threat intelligence is to identify things that are out of place or not routinely encountered. That may mean shifting focus to a security strategy that depends on the specific area being investigated, which could require hiring a threat analyst. Indeed, 52 percent of respondents to the Ponemon survey said their companies would need a qualified threat analyst to separate the noise from actionable data.

“There’s too much data to really make sense of if you have a limited resource staff of security operations center analysts or threat analysts,” Travis Farral, the director of security strategy at Anomali, told CSO Online. “It can be overwhelming to sit and figure out which of these 100,000 things to look at first.”

Maximizing Threat Intelligence

Effective threat intelligence requires a solid solution. According to the survey, 79 percent of respondents considered a reliable platform necessary to maximize this data, and another 70 percent of platform users said it helped to pinpoint and prioritize incidents of compromise.

While it may be difficult to integrate threat intelligence into extant business systems, it can also provide information that can’t be found through other means.

 |  |  |  | 
Larry Loeb
Principal, PBC Enterprises

More from

December 23, 2024

FYSA – Adobe Cold Fusion Path Traversal Vulnerability

2 min read - Summary Adobe has released a security bulletin (APSB24-107) addressing an arbitrary file system read vulnerability in ColdFusion, a web application server. The vulnerability, identified as CVE-2024-53961, can be exploited to read arbitrary files on the system, potentially leading to unauthorized access and data exposure. Threat Topography Threat Type: Arbitrary File System Read Industries Impacted: Technology, Software, and Web Development Geolocation: Global Environment Impact: Web servers running ColdFusion 2021 and 2023 are vulnerable Overview X-Force Incident Command is monitoring the disclosure…

November 22, 2024

What does resilience in the cyber world look like in 2025 and beyond?

6 min read -  Back in 2021, we ran a series called “A Journey in Organizational Resilience.” These issues of this series remain applicable today and, in many cases, are more important than ever, given the rapid changes of the last few years. But the term "resilience" can be difficult to define, and when we define it, we may limit its scope, missing the big picture.In the age of generative artificial intelligence (gen AI), the prevalence of breach data from infostealers and the near-constant…

November 21, 2024

Airplane cybersecurity: Past, present, future

4 min read - With most aviation processes now digitized, airlines and the aviation industry as a whole must prioritize cybersecurity. If a cyber criminal launches an attack that affects a system involved in aviation — either an airline’s system or a third-party vendor — the entire process, from safety to passenger comfort, may be impacted.To improve security in the aviation industry, the FAA recently proposed new rules to tighten cybersecurity on airplanes. These rules would “protect the equipment, systems and networks of transport…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature