Threat Intelligence products and services are used by 96 per cent of UK firms, a new study by SecureData shows. The rest plan to do so in the next 24 months.
The study, which surveyed 300 large UK companies to gauge their understanding of Threat Intelligence and the key factors necessary to deliver on its potential, found not only that 96 per cent of UK firms use the service, but also its main benefits and challenges.
Faster attack detection and response (55 per cent), better understanding of threats and attacks (43 per cent), and finding new or unknown threats (42 per cent) were the main benefits identified.
Major challenges, on the other hand, include performance and response times (75 per cent), training and expertise (59 per cent), and the costs of tools, maintenance and personnel (52 per cent).
Another significant problem lies in the analytics-based issues. Correlating events (49 per cent) and reducing false positives and negatives (36 per cent) were surprisingly high up the list.
The survey also found that 66 per cent of businesses plans on investing in Big Data analytics engines, but only a quarter are ready to invest in third-party intelligence products or services.
Only a minority of those surveyed by IDC believe that Threat Intelligence includes intrusion monitoring (33 per cent), or the sharing of information within the security community (35 per cent). An even smaller group includes analytics either based on behaviour (6 per cent) or correlation of security data (6 per cent). Just 3 per cent believe cloud-based intelligence sharing is part of Threat Intelligence.
Less than 60 per cent of respondents integrate data from their firewall or UTM devices, while 47 per cent of the 86 per cent of organisations using an MDM to manage mobile devices integrate data from their system with their Threat Intelligence platform.
Only 34 per cent of firms correlate external data such as threats or attacks on peer companies with their Threat Intelligence platform.