Global survey of cyber security decision makers finds that while nearly all respondents are satisfied with the quality of their threat intelligence, nearly half struggle with effectively applying it
Mandiant Inc. today unveiled the findings of its “Global Perspectives on Threat Intelligence” report, which provides new insight into how organizations navigate the increasingly complex threat landscape. The report is based on a global survey of 1,350 cyber security decision makers across 13 countries and 18 sectors, which includes 100 organizations from India.
Operationalizing intelligence: an identified challenge
Despite the widespread belief that understanding the cyber threat actors who could be targeting their organization is important, 75% of respondents in India (79% of respondents globally) stated that their organizations make the majority of cyber security decisions without insights into the threat actor that is targeting them.
While the report found that nearly all respondents globally (96%) were satisfied with the quality of threat intelligence their organization is using, respondents declared effectively applying that intelligence throughout the security organization to be one of their greatest challenges (47%). Further, 98% of those surveyed in India (98% of respondents globally) said they need to be faster at implementing changes to their cyber security strategy based on available threat intelligence.
Underestimating the threat
According to the survey, 66% of cyber security decision makers in India (67% of global respondents) believe senior leadership teams still underestimate the cyber threat posed to their organizations, while more than two-thirds of global respondents (68%) agree their organization needs to improve its understanding of the threat landscape.
However, despite these concerns, security decision-makers remain optimistic regarding the effectiveness of their cyber defences. When asked about confidence in whether their organization is fully prepared to defend itself against different cyber security events, respondents globally felt most confident in tackling financially motivated threats, such as ransomware (91%), followed by those conducted by a hacktivist actor (89%) and nation-state actor (83%).
Respondents in India, however, had a different take on this. Only 43% of security decision-makers are very confident that their organisation is fully prepared to defend itself against a significant cybersecurity event caused due to hacktivist actors. Against financially motivated attacks (e.g. ransomware), just over half (54%) of the respondents feel very confident that their organisation is fully prepared to defend themselves.
Further, just over half of respondents, globally (53%) felt they could prove to their senior leadership team that their organization has a highly effective cyber security program.
Other key findings:
- When asked to rank which countries their organization would be unable to fully defend itself against, more than half of respondents globally (57%) said Russia, followed by China (53%), North Korea (52%) and Iran (44%). Given the geopolitical sentiments in India, 68% organizations in India believe that they would not be able to fully defend against attack from China, followed by Russia (61%).
- Cyber security, globally, is only discussed on average once every four or five weeks with various departments within organizations, including the board, members of the C-suite and other senior stakeholders. This cadence is even less frequent for groups such as investors, where the average rises to once every seven weeks.
- 50% of respondents in India (33% globally) reported that their organization had suffered a significant cyber attack in the past 12 months, defined as one that has caused demonstrable harm.
- Only 38% of security teams globally share threat intelligence with a wider group of employees for risk awareness.
- A majority (79%) of respondents globally relayed that their organization could focus more time and energy on identifying critical trends.
Resources
Access the full “Global Perspectives on Threat Intelligence” report and analysis here: https://www.mandiant.com/global-perspectives-on-threat-intelligence
Quotes
Sandra Joyce, Vice President, Mandiant Intelligence at Google Cloud comments: “A conventional, check-the-box mindset isn’t enough to defend against today’s well-resourced and dynamic adversaries. Security teams are outwardly confident, but often struggle to keep pace with the rapidly changing threat landscape. They crave actionable information that can be applied throughout their organization.”
Joyce continued, “As our ‘Global Perspectives on Threat Intelligence’ report demonstrates, security teams are concerned that senior leaders don’t fully grasp the nature of the threat. This means that critical cyber security decisions are being made without insights into the adversary and their tactics.”
Commenting on the report, Subhendu Sahu, General Manager, India, Mandiant – Google Cloud said, “In this rapidly changing threat landscape, organizations, especially in India, are realizing the value of a sound cyber defence infrastructure. It is imperative for leaders and security teams to work towards implementing a strong cyber security posture. Cyber attackers are continuously evolving to find new and innovative ways to breach organizational defences. Failing to prioritize all aspects of cyber defence, including threat intelligence, will undoubtedly leave organizations vulnerable. The ‘Global Perspectives on Threat Intelligence’ report aims to bridge this gap by bringing to light crucial insights for organizations in the war against cyber crime.”
END Survey Methodology:
Commissioned by Mandiant, the “Global Perspectives on Threat Intelligence” survey was conducted by Vanson Bourne, a global market research firm, between August and September 2022. Feedback was obtained from 1,350 IT security decision makers across EMEA, North America and JAPAC at organizations with 1,000+ employees.
About Mandiant
Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats. Mandiant is now part of Google Cloud.
About Google Cloud
Google Cloud accelerates every organization’s ability to digitally transform its business. We deliver enterprise-grade solutions that leverage Google’s cutting-edge technology – all on the cleanest cloud in the industry. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.