Cybersecurity vendor Opswat has published a new poll suggesting that only 22% of organisations – about one in five – have rolled out a fully fledged threat intelligence programme to help keep them safe.
Jan Miller, chief technology officer of threat analysis at Opswat, said that threat intelligence should be considered a “work in progress”, with most organisations in the small survey of around 300 IT professionals agreeing that additional investments in tools and processes can typically be needed.
“Threat intelligence plays a crucial role in safeguarding critical assets. Understanding the evolving threat landscape empowers organisations to stay one step ahead of malicious actors, and in this rapidly changing cybersecurity landscape, it becomes the critical strategic advantage,” Miller added.
Opswat publicised the results of the survey at cybersecurity conference Black Hat USA, highlighting what it described as an “urgent” need for better threat detection capabilities as malware continues to evolve.
“Additionally, the findings reveal pain points, maturity levels, and strategies adopted by organisations to manage the current threat landscape and how to prepare for future challenges,” according to the vendor.
Most respondents to the poll indicated that their organisation was only in the early stages of related investment or needed to spend on more tools and processes, the vendor said.
Malware can be used to infiltrate organisations, moving laterally to gain long-term access, cause damage, or exfiltrate data and trade secrets. Combating such threats requires, in part, threat intelligence gathered with the likes of sandboxes and use of appropriate analyses.
With advanced threat intelligence, organisations can boost defences and incident response as well as tailor specific security approaches, according to the vendor.
Common challenges cited in the poll included detecting unknown as well as known malware, grappling with inadequate signature-based offerings, and a need to deal with multiple toolsets.
Phishing URLs and email were among their concerns.
For file type and delivery this emphasised the need for advanced security measures such as deep content disarm and reconstruction (CDR), sandboxing, and link reputation checks, according to Opswat.
The report can be downloaded from the Opswat website.