A new report from Mandiant, entitled “Global Perspectives on Threat Intelligence”, reveals that majority of cyber security decisions are made without taking into consideration the attackers. The report, which is based on a global survey of 1,350 cyber security decision makers from 13 countries and 18 sectors, highlights the challenges organizations face in the ever-changing threat landscape.
“A conventional, check-the-box mindset isn’t enough to defend against today’s well-resourced and dynamic adversaries,” said Sandra Joyce, Vice President of Mandiant Intelligence at Google Cloud. “Security teams are outwardly confident, but often struggle to keep pace with the rapidly changing threat landscape. They crave actionable information that can be applied throughout their organization.”
The report found that nearly all respondents (96%) were satisfied with the quality of the threat intelligence they were using, but struggled with effectively applying it throughout the security organization (47%). The vast majority (98%) of those surveyed said they needed to be faster at implementing changes to their cyber security strategy based on available threat intelligence.
Despite the concerns, the survey results showed that cyber security decision makers remain optimistic about the effectiveness of their cyber defenses. When asked about confidence in their organization’s ability to defend against different types of cyber threats, the majority of respondents felt confident about defending against financially motivated threats, such as ransomware (91%), followed by those conducted by a hacktivist actor (89%) and nation-state actor (83%).
However, the report also highlights that 67% of cyber security decision makers believe that senior leadership teams still underestimate the cyber threat to their organization, while 68% agreed that their organization needs to improve its understanding of the threat landscape.
“As our ‘Global Perspectives on Threat Intelligence’ report demonstrates, security teams are concerned that senior leaders don’t fully grasp the nature of the threat,” said Joyce. “This means that critical cyber security decisions are being made without insights into the adversary and their tactics.”
In addition to the above, the report found that cyber security is only discussed once every four to five weeks with various departments within organizations, including the board and senior stakeholders, and even less frequently with groups such as investors. Only 38% of security teams share threat intelligence with a wider group of employees for risk awareness and 79% of respondents said that their organization could focus more on identifying critical trends.
The survey was conducted by Vanson Bourne between August and September 2022 and feedback was obtained from IT security decision makers across EMEA, North America, and JAPAC at organizations with over 1,000 employees.
About Mandiant: Mandiant is a leading provider of dynamic cyber defense, threat intelligence, and incident response services. By leveraging decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats. Mandiant is now part of Google Cloud.