Mandiant Inc. today unveiled the findings of its "Global Perspectives on Threat Intelligence" report, which provides new insight into how organizations navigate the increasingly complex threat landscape. The report is based on a global survey of 1,350 cyber security decision makers across 13 countries and 18 sectors, which includes 100 organizations from India.
Operationalizing intelligence: an identified challenge
Despite the widespread belief that understanding the cyber threat actors who could be targeting their organization is important, 75% of respondents in India (79% of respondents globally) stated that their organizations make the majority of cyber security decisions without insights into the threat actor that is targeting them.
While the report found that nearly all respondents globally (96%) were satisfied with the quality of threat intelligence their organization is using, respondents declared effectively applying that intelligence throughout the security organization to be one of their greatest challenges (47%). Further, 98% of those surveyed in India (98% of respondents globally) said they need to be faster at implementing changes to their cyber security strategy based on available threat intelligence.
Underestimating the threat
According to the survey, 66% of cyber security decision makers in India (67% of global respondents) believe senior leadership teams still underestimate the cyber threat posed to their organizations, while more than two-thirds of global respondents (68%) agree their organization needs to improve its understanding of the threat landscape.
However, despite these concerns, security decision-makers remain optimistic regarding the effectiveness of their cyber defences. When asked about confidence in whether their organization is fully prepared to defend itself against different cyber security events, respondents globally felt most confident in tackling financially motivated threats, such as ransomware (91%), followed by those conducted by a hacktivist actor (89%) and nation-state actor (83%).
Respondents in India, however, had a different take on this. Only 43% of security decision-makers are very confident that their organisation is fully prepared to defend itself against a significant cybersecurity event caused due to hacktivist actors. Against financially motivated attacks (e.g. ransomware), just over half (54%) of the respondents feel very confident that their organisation is fully prepared to defend themselves.
Further, just over half of respondents, globally (53%) felt they could prove to their senior leadership team that their organization has a highly effective cyber security program.