Threat intelligence is a relatively new area of information security, but as with any emerging technology, the hype occasionally overtakes reality.
Actual Benefits of Threat Intelligence
Recent research from an SC Media survey of information security professionals provides some insight here, with 43 percent of respondents expecting threat intelligence to offer an “early warning of new threats and tactics” immediately and with minimal effort. While a mature and effective threat intelligence capability should aim to eventually deliver this, there are many other benefits of threat intelligence that can be more realistically achieved in the short, medium, and long term.
Other benefits featured in the survey responses included:
- 23.2%: Uncovering new exploits or vulnerabilities affecting relevant technologies.
- 10.8%: Monitoring for brands mentioned in connection with attacks and breaches.
- 9.1%: Aiding with incident response investigations.
- 9.1%: Correlating internal security alerts with context from external intelligence.
You can see all the results from this recent survey, which gathered insight from more than 200 security professionals across an array of industries, revenues, and company sizes.
Threat Intelligence Isn’t Just Flipping a Switch
Some of the hype surrounding threat intelligence might make it seem like companies can simply “flip a switch” and “do threat intelligence.” In reality, businesses need to be pragmatic when it comes to defining how threat intelligence can be applied as part of their whole information security strategy, and consider which phases will align to their most pressing risks, as well as available resources and existing technology.