SOURCE: IID

IID

April 23, 2014 10:00 ET

Ponemon Institute Survey Finds Exchanging Threat Intelligence Could Have Prevented Recent Cyberattacks

According to IID-Sponsored Research, 71 Percent of Businesses and Government Agencies Say There Has to Be a Better Way to Share Threat Intelligence Than What Exists Today

TACOMA, WA--(Marketwired - Apr 23, 2014) - IID, securing the Internet with shared cyber intelligence, today announced the immediate availability of a Ponemon Institute survey that the company sponsored entitled, "Exchanging Cyber Threat Intelligence: There Has to Be a Better Way." The survey included more than 700 IT and IT security professionals, across businesses and government agencies with an average of 12,000 employees, who answered more than three-dozen questions around threat intelligence sharing. The participants overwhelmingly answered that exchanging threat intelligence could have prevented recent cyberattacks and the traditional ways of sharing threat intelligence are insufficient.

Specifically when survey respondents were asked, "In the past 24 months, has your organization ever suffered a cyber attack that threat intelligence could have prevented," 61 percent said yes. When asked if "there has to be a better way to exchange threat intelligence than exists today," 71 percent agreed.

"What was clear in our findings is that businesses and government agencies know that exchanging cyber threat intelligence will help secure the Internet more so than any other method or technology," said Larry Ponemon, Chairman and Founder of the Ponemon Institute. "Yet what is really confounding is that while most of the people participating in the survey are clearly sharing cyberattack information, they know they aren't doing it correctly or effectively."

Other key findings in the survey include:

  • Only 30 percent of respondents said they are very satisfied or satisfied in the way their organization is able to obtain threat intelligence. The primary reasons for dissatisfaction include the information is not timely, not categorized according to threat type or attacker and too complicated to ensure ease and speed of use.
  • Despite 69 percent of respondents saying threat intelligence becomes stale within seconds or minutes, more than half said they receive information in increments of days, weeks or even months.
  • Fifty-four percent of survey participants said they receive threat intelligence by phone, email or in-person. But they noted that current methods for sharing intelligence are slow, unreliable and unsecure. 
  • Sixty-two percent said current collaboration efforts are constrained by operating in a silo -- such as by industry, geography or community.
  • Sixty-seven percent of respondents approve of a real-time machine-to-machine way to exchange intelligence.

"This survey reinforced what we've been talking about for years; security experts know they need to share but they are largely stuck with legacy ways of sharing, like email and other unsecure methods within limited communities, that are hindering their effectiveness," said IID President and CTO Rod Rasmussen. "As an industry, we must find ways to encourage more machine-to-machine sharing and break out of the existing silos, or the bad guys will continue to beat us with their more effective and broader methods of exchanging intelligence."

To download the complete survey findings go to http://bit.ly/1ixyaUN and to see a video synopsis of the survey, go to http://bit.ly/1mxEMXg.

Methodology
Ponemon conducted the survey in January 2014. The hundreds of respondents work for companies and organizations spanning more than a dozen industries. The most represented industries in the survey were financial services, public sector, and health and pharmaceuticals.

About IID
IID is a cybersecurity company that provides the platform to easily exchange cyber threat intelligence between enterprises and governments. Top financial firms, the largest government agencies, and leading e-commerce companies, social networks and ISPs leverage IID to detect and mitigate threats. IID was founded in 1996. The company is headquartered in Tacoma, Washington. For more information about IID, go to www.internetidentity.com.

About Ponemon Institute
Ponemon Institute is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries. For more information, visit www.ponemon.org.

Contact Information

  • Contact:
    Andrew Goss
    VOXUS Inc. (for IID)
    253.444.5446
    Email Contact