Majority of Firms Make Cybersecurity Decisions Without Attacker Insight

Written by

Four out of five (79%) businesses make most cybersecurity decisions without insights into the threat actor targeting their infrastructures.

The claims come from Google-owned threat analytics company Mandiant, which has also said that while 67% of cybersecurity decision makers believe senior leadership teams still underestimate cyber-threats, 68% agree their organization needs to improve its understanding of the threat landscape.

The data in Mandiant's Global Perspectives on Threat Intelligence report further indicates an almost consensus (96%) among respondents who were satisfied with the quality of threat intelligence their organization uses.

At the same time, almost half of them (47%) have admitted that effectively applying that intelligence throughout the security organization was one of their most significant challenges, and nearly all (98%) said they need to be faster at implementing changes to their cybersecurity strategy based on available threat intelligence.

"Security teams are outwardly confident but often struggle to keep pace with the rapidly changing threat landscape. They crave actionable information that can be applied throughout their organization," said Sandra Joyce, vice president of Mandiant Intelligence at Google Cloud.

"Security teams are concerned that senior leaders don't fully grasp the nature of the threat. This means that critical cybersecurity decisions are being made without insights into the adversary and their tactics."

In terms of what threats teams felt most confident in tackling, financially motivated crime like ransomware was at the top of the list (91%), followed by hacktivist threats (89%) and nation-state actors (83%).

The latest Mandiant report was compiled after a global survey of 1350 cybersecurity decision makers across 13 countries and 18 sectors.

"This research indicates that one of the biggest barriers to building stronger defenses is the sheer volume of information: organizations must find better strategies for putting intelligence into action to regain much-needed focus and identify clear priorities," explained Jamie Collier, Mandiant senior threat intelligence advisor of EMEA at Google Cloud.

"UK organizations need to put themselves on the front foot, and that can only be achieved by knowing your adversaries, implementing changes at speed, and ensuring cyber-risks are communicated effectively amongst all stakeholders."

A separate report by BlackBerry security researchers has shown that several security leaders are also worried about ChatGPT, expecting the AI model to complete a successful cyber-attack within a year.

What’s hot on Infosecurity Magazine?