Cyber defenders may leverage third-party threat intelligence for cyber preparedness, but effective action can be limited by some missing elements…

In an August–September 2022 survey of 1,350 cyber security decision in large organizations (>1,000 staff) across EMEA, North America and JAPAC and 18 sectors – including financial services, healthcare and government — one cybersecurity services firm has concluded in a global threat intelligence report that the majority of business cybersecurity decisions were made without insight into the attacker.

According to the survey data, 67% of cybersecurity decision makers polled believed senior leadership teams still underestimated the cyber threat posed to their organizations, while 68% indicated that their organization needed to improve their understanding of the threat landscape.

When asked about confidence in whether their organization was fully prepared to defend itself against different cybersecurity contingencies, respondents felt most confident in tackling financially motivated threats such as ransomware (91%), followed by those conducted by a hacktivist actor (89%) and state-sponsored actor (83%).

Further, 53% felt they could prove to their senior leadership team that their organization had a highly effective cybersecurity program.

Other key findings:

Some 79% of respondents stated that their organizations made the majority of cybersecurity decisions without insights into the threat actor targeting them. Nearly all respondents (96%) were satisfied with the quality of threat intelligence their organization was using, with 47% citing “applying that intelligence throughout the security organization” to be one of their greatest challenges. Also:

    • 98% of respondents indicated they needed to be faster at implementing changes to their cybersecurity strategy based on available threat intelligence.
    • 83% of respondents felt less confident defending against a state-sponsored actor, compared to 89% feeling the same for a hacktivist attack, and 91% where a financially motivated actor was involved.
    • 38% of security teams in the survey shared threat intelligence with a wider group of employees for risk awareness.
    • 79% of respondents indicated that their organization could focus more time and energy on identifying critical trends.

According to Sandra Joyce, Vice President, Mandiant Intelligence, which commissioned the survey: “Security teams are outwardly confident, but often struggle to keep pace with the rapidly changing threat landscape. They crave actionable information that can be applied throughout their organization. Security teams are concerned that senior leaders don’t fully grasp the nature of the threat. This means that critical cybersecurity decisions are being made without insights into the adversary and their tactics.”