There’s a lot of talk these days about Cyber Threat Intelligence (CTI) because it gives organizations an opportunity to be proactive, rather than reactive, in their cyber defense. There are many interesting use cases for CTI, but it takes an investment in tools and people to be used effectively. So how do you know it’s worth the investment and is it something your organization should consider in 2019?
Let’s take a look at 7 statistics that demonstrate how CTI can help your organization defend proactively and reduce your overall cyber risk.
#1: There’s Been a 297% Rise in Retail Phishing Websites over the Last Year
In our Retail Threat Landscape Report, we observed a 297% increase in retail phishing websites. Why is this important? Threat actors like to target the weakest link, which more often than not is your customers. As organizations continue to bolster cyber defenses, cybercriminals are attempting to circumvent those defenses by targeting consumers directly. In addition, new tools, like Phishing Kits, have lowered the hacker “barrier-to-entry”, meaning less sophisticated hackers are able to run their own campaigns, and do so at a faster rate.
Further Reading: Find out how Hacking-as-a-Service is changing the threat landscape
This has made it increasingly challenging for organizations to protect customers and brand reputation from this increase in consumer phishing activity. Using cyber threat intelligence to monitor for new phishing domains can help you extend phishing protection to your customers by taking down domains before before they’re ever used in an attack.
#2: 71% of Organizations Who Do Not Deploy a Threat Intelligence Solution Say it is Difficult to Prioritize Threat Intelligence Data
This was a key finding from a Ponemon Institute study on the value of threat intelligence. Cybersecurity teams have a lot of incidents to investigate and respond to, so any help identifying critical issues and prioritizing work is helpful. Comparing threat data to your digital assets can help you add context and relevance to your intelligence, enabling you to prioritize workloads and understand if and how a threat impacts your organization.
#3: Over 23% of DevOps Servers are Openly Accessible via the Web
Cloud-based SaaS solutions are great for productivity. Different departments can now implement technology solutions on their own, without the need of IT or the security team’s involvement. However, these departments often misconfigure access and sharing permissions, leaving data and sensitive materials publicly exposed, if you just know where to look.
In our research report, DevOps Beware: Your Servers Are Open for Business, we found that over 23% of DevOps servers are openly accessible via the web, either fully exposed or behind a simple login page (which be guessed or brute-forced for access). Cyber threat intelligence can help you monitor for misconfigured servers and databases, so you can lock down any accidentally exposed data before an unauthorized party accesses it.
#4: 149% Increase in Credit Card Details for Sale on the Dark Web
Credit card fraud is nothing new, but the internet has enabled increased access and opportunities for making fraudulent purchases. In our Financial Services Threat Landscape Report, we observed a 149% increase in credit card details for sale on the dark web. Monitoring the dark web for your BINs and key account numbers can help you identify when your details have been leaked and lock down accounts before any fraud is committed, which can save organizations millions of dollars each year.
#5: 56% of Organizations Experienced a 3rd Party Data Breach in 2017
This stat comes from a study done by the Ponemon Institute, titled Data Risk in the Third-Party Ecosystem. Vendors, partners, suppliers, integrators, acquisitions and any other organization that holds/shares a company’s data all contribute to overall cyber risk. Companies must regularly assess and manage risk for their cyber supply chain, and can do so by extending cyber threat intelligence to cover their 3rd party organizations.
#6: 40% Increase in Corporate Credential Leakage
This is another finding from our Financial Services Threat Landscape Report. Leaked credentials are one of the simplest ways for unauthorized parties to gain access to corporate systems, and there’s no limit to leaked login credentials you can find on the dark web. Monitoring forums, paste sites and other underground data exchange forums can help you identify leaked company credentials in real time so you can lock down or reset those credentials. Leveraging automation and directory integrations can help you speed up the mitigation process, so you are closing holes quickly before any damage is done.
#7: Expected 3.5 Million Unfilled Cybersecurity Positions by 2021
It’s no secret that there is a shortage of cybersecurity talent across the world, but it is important to consider as you plan to evolve your cybersecurity defenses and programs. Organizations need help working smarter, not harder, and cyber threat intelligence can help you look beyond your firewall to anticipate cyber threats.
Want to learn more about how your industry or department can use cyber threat intelligence?