Cyware, the leading provider of threat intelligence management, security orchestration and automation, and cyber fusion solutions, has shared findings of its anonymized 2024 Threat Intelligence and Collaboration Survey. Conducted with security professionals at the recent Infosecurity Europe 2024 exhibition, the research reveals that the overwhelming majority of organizations recognize the crucial importance of collaboration and information sharing in the fight against cybercrime, but most struggle to effectively combine insights across teams and security platforms.
While 91 percent of respondents said collaboration and information sharing are very important or absolutely crucial for cybersecurity, 70 percent believe their organization could improve threat intelligence sharing and 19 percent say they could share significantly more.
More than half of research respondents (53 percent) said their organization does not currently utilize an Information Sharing and Analysis Center (ISAC), and fully 28 percent said they were unaware of the existence and role of ISACs altogether in enabling organizations to manage risk, backed by trusted analysis and effective coordination.
When asked to identify the weakest link in their approach to cybersecurity information sharing and collaboration, over half (51 percent) said people are the main barrier to improvement, followed by processes (21 percent) and technologies (11 percent). Taking all these factors into account, nearly half of the survey respondents (49 percent) said that their organizations struggle to combine and derive actionable insights across multiple security tools, such as threat intelligence platforms, SIEM, asset management, and vulnerability management platforms.
Regarding the emerging role of AI in improving or reducing an organization’s ability to share threat intelligence, 65 percent thought it would improve their organization’s ability to share information, with over a third (35 percent) saying the technology is already having an impact.
Other key research findings include:
- 70 percent said their organizations could share more threat intelligence, while only 23 percent said they are currently sharing the right amount of information. Just 2 percent thought they were sharing too much.
- Asked which teams are least likely to share threat intelligence with other departments, DevOps (31 percent) was the top answer, followed by Security Ops (17 percent), Threat Intelligence (16 percent) and IT Ops (15 percent).
- 23 percent of teams share threat intelligence on a daily basis, 21 percent share it in real-time, 17 percent share it weekly and 14 percent monthly.
“The disconnect between teams and the siloed approach taken around the use of security tools poses a serious threat to the delivery of threat intelligence, and by definition, the ability of organizations to protect themselves against today’s cybersecurity risks,” said Terrence Driscoll, Cyware’s Chief Information Security Officer. “What’s required instead is the proactive approach offered by creating virtual and distributed Cyber Fusion Centers where traditionally siloed security functions are scalable and integrated, combining high-fidelity threat intelligence with threat operations for rapid threat response.”
About Cyware
Cyware delivers an innovative approach to cybersecurity that unifies threat intelligence, automation, threat response, and vulnerability management with data insights gleaned from assets, users, malware, attackers, and vulnerabilities. Cyware’s Cyber Fusion platform integrates SOAR and TIP technology, enabling collaboration across siloed security teams. Cyware is widely deployed by enterprises, government agencies, and MSSPs, and is the leading threat-intelligence sharing platform for global ISACs and CERTs. For more information, please visit https://cyware.com/