The survey, sponsored by Anomali, also found that 80 percent of North American organizations are currently using threat intelligence as a part of their cyber security programs, up from 65 percent in 2016.
Similarly, 86 percent of respondents say threat intelligence is valuable to their security mission, up from 77 percent a year ago.
Still, 69 percent of respondents said threat intelligence is too voluminous and complex to provide actionable intelligence, and 64 percent said they find it difficult to integrate threat intelligence platforms with other security technologies and tools.
“It’s abundantly clear that organizations now understand the benefits provided by threat intelligence, but the overwhelming volume of threat data continues to pose a hurdle to truly effective adoption,” Ponemon Institute chairman and founder Dr. Larry Ponemon said in a statement.
“Threat intelligence programs are often challenging to implement, but when done right, they are a critical element in an organization’s security program,” Ponemon added. “The significant growth in adoption over the past year is encouraging as it indicates widespread recognition of the value threat intelligence provides.”
Sharing Threat Data
A separate AlienVault survey [PDF] of more than 600 participants at Black Hat USA 2017 found that 17 percent of respondents said they publicly share details about new threats they discover, a significant increase from 8 percent of Infosecurity Europe conference participants in 2015.
Similarly, the proportion of respondents who trust open source threat intelligence doubled from 15 percent in 2015 to 31 percent in 2017.
“For years, security teams have perpetuated the myth that one can create an orderly, protective security bubble around an organization to keep the bad guys out,” AlienVault security advocate Javvad Malik said in a statement. “But new and emerging threats are challenging this approach.”
“Cybersecurity never stops, so it’s vital that security teams pool their collective expertise by sharing threat intelligence,” Malik added.
Separately, an Enterprise Strategy Group survey of more than 400 IT and cyber security professionals found that 72 percent of respondents believe cyber security analytics and operations are more difficult than they were two years ago, and 31 percent of organizations are looking to use threat intelligence to help automate remediation tasks.
The survey, sponsored by ThreatQuotient, also found that while 89 percent of respondents are now using external threat intelligence, respondents still feel adversaries are moving too fast for defenders to keep up.
“These findings demonstrate that while in its infancy, the value of threat intelligence as part of an integrated security operations strategy is critical,” ThreatQuotient senior vice president of strategy Jonathan Couch said in a statement.
“Achieving meaningful threat operations and overcoming common challenges, such as unmanageable amounts of data and alerts, requires the use of a threat intelligence platform to continuously assess threats and prioritize those that are most important and relevant to an organization,” Couch added.