Cybersecurity Decisions Don't Really Understand Today's Attackers
- By CDOTrends editors
- February 21, 2023
Threat actors vary in sophistication, motivations, targets, and attack vectors. They can be criminals, hacktivists, nation-states, or any combination. Despite this complexity and diversity, companies often make cybersecurity decisions without considering the threat actors involved.
According to a new Mandiant report, 79% of respondents stated that their organization makes most cybersecurity decisions without insights into the threat actor targeting them. This means their decisions are based on incomplete information and, therefore, could be inadequate to protect against specific threats.
The report revealed that while virtually all participants (96%) were pleased with the quality of their organization's threat intelligence, effectively utilizing it across their security infrastructure proved one of the most significant difficulties faced (47%).
“As our ‘Global Perspectives on Threat Intelligence’ report demonstrates, security teams are concerned that senior leaders don’t fully grasp the nature of the threat. This means that critical cyber security decisions are being made without insights into the adversary and their tactics,” said Sandra Joyce, vice president of Mandiant Intelligence at Google Cloud.
Key pointers for cybersecurity
Almost all (98%) think they are implementing slower than necessary to keep up with the pace of threats adequately.
Most cyber security decision-makers (67%) believe that senior management teams fail to recognize the potential dangers their organization is exposed to. Also, many professionals (68%) agree that their businesses must become more informed about the growing digital threats.
Furthermore, 79% of respondents said their organization could benefit from taking more time and energy to identify critical trends. Whether it’s recognizing new attack patterns or understanding the implications of emerging technologies, threat intelligence is the key to staying ahead of cybercriminals.
“A conventional, check-the-box mindset isn’t enough to defend against today’s well-resourced and dynamic adversaries. Security teams are outwardly confident but often struggle to keep pace with the rapidly changing threat landscape. They crave actionable information that can be applied throughout their organization," Joyce added.
Actionable information may come in the form of intelligence about the tactics and techniques used by threat actors, information about their methods of operation, or knowledge regarding current and emerging threats.
Most of those surveyed by Mandiant are still optimistic about the effectiveness of their defenses. When asked about their level of confidence in being ready for different security incidents, the respondents indicated that they felt most confident with financially driven events like ransomware (91%), followed by threats from hacktivist actors (89%) and nation-state actors (83%).
Image credit: iStockphoto/ajr_images