UK firms not making the most of threat intelligence

New research has revealed that, despite all respondents saying that they plan to adopt threat intelligence capabilities within the next 24 months, only a quarter are ready to invest in third party products or services.

The study of 300 large UK companies - which was commissioned by managed cybersecurity services provider SecureData and conducted by IDC - also found that over half (55 per cent) of large firms are outsourcing various security-related functions, but 58 per cent are buying threat intelligence products that are managed in-house.

Of the 45 per cent of respondents whose organisation does not use managed security services, two-thirds claimed they have all the necessary resources internally despite the biggest challenges to threat intelligence being identified as performance and response times, the cost of tools, maintenance and personnel and training and expertise.

“While organisations may argue that they have all the in-house expertise and resources they need, this clearly isn’t the case with threat intelligence,” states Etienne Greeff, CEO at SecureData. “The range of data feeds both within an organisation and externally can be vast, with security operations often being overwhelmed with data from events and alerts. Digesting threat information can also be a slow and painful process, while most organisations lack contextual awareness. An organisation must join the dots in a vast sea of data to find relevant evidence of an imminent, or already successful attack.”

Of the firms already using managed security services or outsourcing some part of their security operations, just four per cent do so to lower costs, whereas a third did so for improved visibility, monitoring and control and a fifth saw the main benefit as being better and earlier threat detection.

Marty Legg, cloud services director at SecureData said: “Harnessing the power of threat intelligence isn’t easy. Enormous investments in specialist people, processes and technologies are required – with no guarantee of success.

"Organisations should not try to go it alone. If you’re making a threat intelligence investment, it should be in a provider that offers an extensive cloud-based service that’s managed on your behalf, and which you can consume on a pay-as-you-grow basis.”

Image source: Shutterstock/Pavel Ignatov