Skip to content

What is a Cyber Threat Intelligence?

Cyber Threat Intelligence is information about an existing or emerging risk to a network that can be used to take action to mitigate the risk. Cyber threat intelligence may include context, mechanisms, trend data, or actionable information.

A recent report on cyber threat intelligence by the Ponemon Institute found that 65% of respondents believe improved cyber threat intelligence could prevent or minimize the consequences of a cyber attack. Importantly, 47% of respondents said their organization had already experienced a material security breach that involved an attack that compromised the networks or enterprise systems.

Key findings from the research include:

Cyber Threat intelligence is essential for a strong security posture. Seventy-five percent of respondents, who are familiar and involved in their company’s cyber threat intelligence activities or process, believe gathering and using threat intelligence is essential to a strong security posture.

Potential liability and lack of trust in sources of cyber threat intelligence, keep some organizations from participating. Organizations that only partially participate cite potential liability of sharing (62 percent of respondents) and lack of trust in the sources of intelligence (60 percent of respondents). However, more respondents believe there is a benefit to exchanging cyber threat intelligence.

Organizations rely upon peers and security vendors for cyber threat intelligence. Sixty-five percent of respondents say they engage in informal peer-to-peer exchange of information or through a vendor threat exchange service (45 percent of respondents). IT vendors and peers are also considered to provide the most actionable information. Law enforcement or government officials are not often used as a source for cyber threat intelligence.

Cyber Threat intelligence needs to be timely and easy to prioritize. Sixty-six percent of respondents who are only somewhat or not satisfied with current approaches say it is because the information is not timely and 46 percent complain the information is not categorized according to threat type or attacker.

Organizations are moving to a centralized program controlled by a dedicated team. A huge barrier to effective collaboration in the exchange of cyber threat intelligence is the existence of silos. Centralizing control over the exchange of cyber threat intelligence is becoming more prevalent and might address the silo problem.

Cyber threat intelligence is information about an existing or emerging risk to a network that can be used to take action to mitigate the risk.

LEARN MORE ABOUT Cyber Threat Intelligence AND RELATED TECHNOLOGIES

FROM THE INFOBLOX COMMUNITY

ABOUT INFOBLOX

Infoblox unites networking and security to deliver unmatched performance and protection. Trusted by Fortune 100 companies and emerging innovators, we provide real-time visibility and control over who and what connects to your network, so your organization runs faster and stops threats earlier.

Let’s talk core networking and security

Back To Top