Security buyers lack insight into threats, attackers, report finds

The majority of cyber security purchasing decisions are made without proper insight into the attackers organisations are facing, according to a report

Cyber security leaders tend to be happy with the quality of?threat intelligence?they get from their industry partners, but struggle to generate real insight from it, and are making uninformed, or even downright bad, purchasing decisions as a result.

A study conducted by?Google Cloud’s Mandiant, based on a global survey of 1,350 security decision-makers in 13 countries and 18 sectors, including financial services, government and healthcare, found that while security leaders believe they need to better understand the threats they may be facing, 79% of them are making important security decisions without insights.

Almost half, 47%, said they found the task of effectively applying the intelligence they?do?have throughout the security team to be one of their greatest challenges, and 98% said they needed to do much better at implementing changes to their cyber strategy based on up-to-date intel. A total of 79% agreed their organisation could usefully stand to focus more time and energy on identifying crucial trends.

Ultimately, 67% of respondents said the senior leadership teams in their organisations were underestimating the threats they faced, and 68% agreed they needed to improve their understanding of the threat landscape. Only 53% felt able to prove to their bosses that they had an effective security programme.

“Organisations in the UK remain high-value targets for cyber threat actors,” said Jamie Collier, Mandiant’s senior threat intelligence advisor for EMEA.

“With a number of high-profile breaches already this year, security professionals are more conscious than ever of the need for better security practices.

“This research indicates that one of the biggest barriers to building stronger defences is the sheer volume of information: organisations must find better strategies for putting intelligence into action to regain much-needed focus and identify clear priorities,” he said. “UK organisations need to put themselves on the front foot, and that can only be achieved by knowing your adversaries, implementing changes at speed, and ensuring cyber risks are communicated effectively among all stakeholders.”