Threat intelligence is on the rise

For one thing, professionals are in short supply. The (ISC)² 2022 Cybersecurity Workforce Study estimates that there is a global cybersecurity workforce gap of 3,4 million people. Additionally, nearly 70% of cybersecurity workers “feel their organization does not have enough cybersecurity staff to be effective.” So, even if an organization has the means to hire cybersecurity experts, they might not be able to find them.

Furthermore, data from the past several years shows that organizations are investing more and more in cybersecurity each year. Gartner (2022) predicts that “worldwide spending in security and risk management will grow by more than 11% in 2023”, up to 188 billion dollars from 158 billion in 2021. This trend is expected to continue, and worldwide cybersecurity spending is forecasted to climb 11% for each year to come. Despite the significant increase in spending, cyber security breaches are becoming more frequent – and they cost more.

It is no secret that cybercrime is a serious challenge, but what is the actual magnitude of the problem? Data from Check Point Research (2023) shows that the number of cyberattacks was 38% higher in 2022 than the previous year. While not all of the attacks are sophisticated or targeted, the sheer volume of them raises the odds that attacks will go undetected – and it only takes one successful attack for an organization to face serious costs, and also damage to its reputation.

According to the IBM Security Cost of a Data Breach report, it takes the average organization a mind-blowing 277 days to fully identify and contain a cyber security breach. This brings the average cost of a data breach up to 4,35 million dollars, a figure that even larger enterprises raise their eyebrows at. (IBM Security 2022.)

So, what will we do when cyber security professionals are in short supply and the number of cyberattacks are all time high? Well, the most effective approach is to identify and respond to an attack as early as possible. The earlier a threat is detected and eliminated, the lower the probability is that the attack will be successful and that it results in damages.

With this in mind the question will now become slightly easier to answer. We can now ask ourselves, how organizations can minimize the amount of time it takes to detect and defeat a threat? Well, the answer is through threat intelligence that improves visibility on risks and enables cyber agility in responding to and taking down threats.

In order for threat intelligence to be impactful, it must be accurate, relevant, actionable and cost effective. In other words, threat intelligence must be true and relevant to the organization. The intelligence must also lead to actions that the organization can take in order to defeat the threat, and the cost of the threat must be greater compared to the cost of remediation. This brings a shift from looking at cybersecurity as strictly a technical problem to a new line of thinking, where cybersecurity is viewed as a business challenge that must be addressed in a manner that is as efficient and cost-effective as possible.

Impactful threat intelligence can reduce the likelihood of a breach, and it can strengthen the security posture to the greatest extent possible. It must however be seen as a business-enabler that provides measurable value to the organization, instead of merely an expenditure. As we are entering a new era with ever growing cybercrime, we must incorporate threat intelligence to our arsenal of security tools in order to fight crime in the most potent way.