In a new study by the Ponemon Institute, titled Exchanging Cyber Threat Intelligence: There Has to Be a Better Way, nearly two-thirds of respondents said their organizations had suffered a cyber attack in the last two years that could have been prevented had they had adequate access to threat data, and nearly three-quarters believe a better system for sharing threat intelligence is needed.
“What was clear in our findings is that businesses and government agencies know that exchanging cyber threat intelligence will help secure the Internet more so than any other method or technology,” said Larry Ponemon. “Yet what is really confounding is that while most of the people participating in the survey are clearly sharing cyberattack information, they know they aren’t doing it correctly or effectively.”
Other key findings in the Ponemon study include:
- Only 30% of respondents said they are very satisfied or satisfied with the way their organization is able to obtain threat intelligence – the primary reasons for dissatisfaction include that the information is not timely, not categorized according to threat type or attacker, and too complicated to ensure ease and speed of use
- Despite 69% of respondents saying threat intelligence becomes stale within seconds or minutes, more than half said they receive information in increments of days, weeks or even months
- 54% of survey participants said they receive threat intelligence by phone, email or in-person – but they noted that current methods for sharing intelligence are slow, unreliable and unsecure
- 62% said current collaboration efforts are constrained by operating in a silo – such as by industry, geography or community
- 67% of respondents approve of a real-time machine-to-machine way to exchange intelligence
The report comes on the heels of an announcement that the Justice Department and the Federal Trade Commission have issued guidelines for organizations regarding the sharing of security threat intelligence after concerns had arisen that such information exchanges may have resulted in violations of antitrust laws designed to thwart the divulging of certain competitive information like product pricing and business development plans.
“Some companies have told us that concerns about antitrust liability has been a barrier to being able to openly share cyber threat information with each other. We have heard them,” Deputy Attorney General James Cole said.
In the wake of dozens of high-profile breaches of consumer information at retail establishments including Target and Neiman Marcus, the National Retail Federation recently announced it intends to establish the first information sharing platform dedicated to the retail space.
The initiative will be undertaken in conjunction with the Financial Services Information Sharing and Analysis Center (FS-ISAC) and seeks to provide retail industry information security specialists the means to share threat intelligence and mitigation best practices, and will result in a retail ISAC by summer.
“We believe a heightened and well coordinated information sharing platform such as a retail ISAC is a vital component for helping retailers in their fight against cyber attacks,” NRF President and CEO Matthew Shay said.