ESG Video Capsule: Threat Intelligence and Enterprise Cybersecurity Practices, Part 1 - Organizational Objectives
In this ESG Video Capsule series, ESG Senior Principal Analyst Jon Oltsik reviews recent ESG Research on Threat Intelligence trends. In this segment, Jon discusses organizational objectives.

Aug 25, 2015
Video Capsule   ESG Video Capsule: Threat Intelligence and Enterprise Cybersecurity Practices, Part 1 - Organizational Objectives
Author: Jon Oltsik

 

In this ESG Video Capsule series, ESG Senior Principal Analyst Jon Oltsik reviews recent ESG Research on Threat Intelligence trends. In this segment, Jon discusses organizational objectives.


For more information, please read the related ESG Research Report, Threat Intelligence and Its Role Within Enterprise Cybersecurity Practices.



Video Transcript


ESG just published a new research report titled, "Threat Intelligence and Its Role Within Enterprise Cyber Security Practices." The objective of this project was to assess how enterprises are using threat intelligence, the challenges they have with threat intelligence, and to determine the strategic plans they have for threat intelligence consumption and sharing.


Enterprise threat intelligence programs are becoming increasingly mainstream, as they add value to security analysis, forensic investigations, and incident response processes. Thirty-eight percent say that their top threat intelligence program objective is to improve automated prevention. They want to fine tune security controls, based upon timely information about malicious activities in the wild. Thirty-three percent want to use threat intelligence to automate security operations and remediation activities. This is in response to the existing burdens associated with so many manual security processes and work flows. Twenty-eight percent  want to establish a central threat intelligence service, to guide cyber security activities of smaller IT groups. Organizations want to build a central threat intelligence service to improve efficiencies, develop centers of excellence, and lower costs.


Enterprise threat intelligence programs are fairly immature. Forty percent of organizations admit that their threat intelligence program is less than two years old. Now many organizations have been consuming threat intelligence for years, but operationalizing threat intelligence is still in its genesis phase. It's also important to point out that threat intelligence sharing is even more immature than threat intelligence consumption. So, it may take a few more years to achieve any widespread benefits from industry threat intelligence sharing communities or public/private threat intelligence sharing groups involving government agencies.


For more videos in this series or to look at the report go the ESG website.