Too Much Threat Data Hinders Cybersecurity Efforts

Take a look at some of these numbers from Symantec’s 2016 Internet Security Threat Report. In 2015, Symantec discovered more than 400 million new pieces of malware, an increase of 36 percent over 2014. On average, there was one new zero-day vulnerability found each week. Approximately a half billion records were compromised. Ransomware and spearphishing attacks both increased.

And you know that these numbers will probably be much higher when 2016 is fully reviewed.

Here’s another number for you: Earlier this year, the NSA reported 300 million attack attempts per day. Your company likely isn’t being pinged with that many attempts every day, but there are plenty of attempts on your network, with every phishing email, every website vulnerability and every piece of malware that tries to sneak through via your weakest links. That’s a lot for your security and IT professionals to deal with.

It’s no wonder, then, that a new Ponemon Institute study done with Anomali found that 70 percent of those in charge of an organization’s security are feeling overwhelmed and say that threat intelligence is often too voluminous and/or complex to provide actionable insights. And eSecurity Planet added:

The top reasons for that lack of effectiveness include lack of staff expertise (69 percent of respondents), lack of ownership (58 percent) and lack of suitable technologies (52 percent).

Too much data can actually hinder security efforts, especially if it isn’t delivered in an effective way, Hugh Njemanze, CEO of Anomali, stated in a prepared release, adding:

The number of threat indicators is skyrocketing and organizations simply cannot cope with the volume of threat intelligence data coming their way. It’s clear that what businesses need is a system that pinpoints the threats they must take notice of and that gives them actionable and relevant insights.

Njemanze also pointed out that threat intelligence has to be a priority for every organization. Looking at some of those numbers I presented at the beginning of this article, it is easy to see why. I don’t think it is hyperbole to say that every organization is under attack, some more than others. So what are the options? Njemanze presented a few when he said:

User-intuitive platforms that disseminate the influx of information are essential, as well as having clearly defined roles and responsibilities among staff. We all know that the bad guys analyze intelligence on how to break into networks — it’s now time for enterprises and other organizations that are being attacked to analyze intelligence on adversaries. With a real-time view, security professionals need to know who the attackers are, where they live and what techniques they typically use to stay ahead.
