GEC NEWS WIREMandiant unveiled findings of its “Global Perspectives on Threat Intelligence” report, which provides new insight into how organizations navigate the increasingly complex threat landscape. The report is based on a global survey of 1,350 cyber security decision makers across 13 countries and 18 sectors – including respondents from the Middle East.
Operationalizing intelligence identified as a challenge.
Despite the widespread belief among Middle East respondents that understanding the cyber threat actors who could be targeting an organization is important (94%), 83% stated that their organizations make most or all of their cyber security decisions without insights into the threat actor that is targeting them.
While the report found that a majority of respondents (91%) in the region were satisfied with the quality of threat intelligence their organization is using, respondents declared that effectively applying that intelligence throughout the security organization to be one of their greatest challenges (49%). Other findings on the collection of information regarding different threat groups and their tactics, techniques, and procedures (TTPs) include:
- Just 47% said their organization had a comprehensive level of understanding about different threat groups and their associated TTPs
- Nearly all respondents (98%) of those surveyed believe they need to be faster at implementing changes based on available threat intelligence.
Underestimating the threat
According to the report, just over two-thirds (68%) of security decision makers believe senior leadership teams still underestimate the cyber threat posed to their organizations, with respondents from the Middle East most likely to lack faith in their senior leadership’s knowledge of the cyber threat (68%).
Despite these concerns, however, security decision makers remain optimistic regarding the effectiveness of their cyber defenses. When asked about confidence in whether their organization is fully prepared to defend itself against different cyber security events, respondents felt most confident in tackling financially motivated threats, such as ransomware, with the majority (96%) at least somewhat confident in defending against this, followed by those conducted by a hacktivist actor (95%) and nation-state actor (91%).
Further, just over half of respondents (57%) felt they could prove to their senior leadership team to a great extent that their organization has a highly effective cyber security program.
