14 DAY TRIAL // A new study by the Ponemon Institute on behalf of Norse, a company that provides live threat intelligence solutions, shows that organizations spend large amounts of money each year to address the impact of exploits.
On average, organizations spent around $10 million (€7.5 million) in the past 12 months to resolve the consequences of exploits.
However, experts note that this enormous cost could be reduced by 40% if they had efficient live threat intelligence systems in place.
The figures from the report show that 60% of the companies have been unable to stop exploits because of their outdated or insufficient threat intelligence. Those who have stopped the attacks launched by cybercriminals note that they need threat information 4.6 minutes in advance to prevent data from being compromised.
On the other hand, the organizations that aren’t able to detect attacks, need around 12 minutes of advanced warning to save their data.
“These findings are startling but not surprising. Enterprises are conditioned to believe that after-the-fact threat intelligence is all that is available, a perception that is leaving them open to compromises and data breaches that are costing them millions,” says Sam Glines, CEO, Norse.
“This report makes it clear that enterprises are in need of an advanced level of threat intelligence that shrinks the interval between attack identification and mitigation down to minutes or even seconds if they are to survive the modern-day cyberthreat juggernaut.”
The report also highlights some other noteworthy enterprise security aspects. For instance, 72% of the 708 respondents believe that it’s important to know the geo-location of the attack source in order to mitigate it.
Interestingly, while 69% see China as being behind future attacks, 71% reveal that most of the current attacks originate in the US.
Most companies are mainly concerned with advanced persistent threats (APTs), but 54% of them are also concerned about rootkits. Code and SQL injection is a major concern for 45% of the respondents.
Criminal syndicates and state-sponsored actors are feared by most organizations.
However, 35% of organizations rely on their IT security team’s “gut feel” to determine if an attack will occur.
“Ponemon Institute has conducted IT security research for over a decade, and this is one of the first studies that reveals the facts behind the impact that weak threat intelligence is having on organizations,” comments Larry Ponemon, founder and chairman of Ponemon Institute.
“Anyone who reads this report will come to understand that live threat intelligence must be an integral part of any security strategy.”
The complete report is available here (registration required).