According to Intel Security and McAfee Labs, 97% of those who do report that it improves their enterprise security posture. Of those who use shared threat intelligence, 59% said it was ‘very valuable’ while 38% said it was ‘somewhat valuable’.
Most (72%) of respondents said they were most willing to share data about the behaviour of malware, followed by URL reputations (58%), external IP address reputations (54%), certificate reputations (43%) and file reputations (37%).
Despite the relatively low level of adoption, 91% of the 500 cyber security professionals said they were interested in industry-specific cyber-threat intelligence; some 54% said they were ‘very interested’.
While 63% of respondents indicated they may be willing to contribute their own data – as long as it could be shared securely and privately – only 24% said they were ‘very likely’ to share, while 39% said they were ‘somewhat likely’ to share.
Of those who have not implemented threat sharing in their enterprises, 54% identified corporate policy as the reason, followed by industry regulations preventing information sharing (24%), a lack of information (24%), and concerns about shared data being linked to them personally or their organisations (21%).
The findings suggest a lack of experience or knowledge of the varieties of threat intelligence integration options available to the industry, the report said, as well as a lack of understanding of the legal implications of sharing cyber threat intelligence.
The report highlights the need to overcome the barriers of organisational policies, regulatory restrictions, liability risks and a lack of implementation knowledge to realise the benefits of cyber threat intelligence sharing.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now