Businesses left to make decisions based on old, inaccurate data, study finds
Organisations are often forced to make critical security decisions based on threat data that is not accurate, relevant or fresh, a new study finds.
Neustar has released a new report from the Neustar International Security Council (NISC), which shows just 60% of cybersecurity professionals surveyed indicate that the threat data they receive is both timely and actionable, and only 29% say the data they receive is both extremely accurate and relevant to the threats their organisation is facing at that moment.
With regard to the timeliness of threat data, only 27% of organisations are able to base their security decisions on near real-time data, while 25% say they receive updates hourly and another 24% receive updates several times per day.
According to the report, approximately one-third of organisations state that they have been the victim of a successful domain spoofing attempt (37%) or domain hacking attempt (31%) within the last 12 months.
Findings from the latest NISC research also highlighted a 12.4-point year-on-year increase in the International Cyber Benchmarks Index.
Calculated based on the changing level of threats and impact of cyber attacks, the index has maintained an upward trend since May 2017.
In addition, during July and August 2020, system compromise and distributed denial-of-service attacks (both 21%) were ranked as the greatest concerns for security professionals, followed by ransomware (20%) and theft of intellectual property (17%).
During this period, targeted hacking (63%) was most likely to be perceived as an increasing threat to organisations, followed by ransomware and DDoS attacks (both 62%).
In this round of the survey, 72% of participating enterprises indicated that they had been on the receiving end of a DDoS attack at some point, compared to an average of 52% over the 20 survey rounds.
NISC chairman and Neustar security CTO, senior vice president and fellow, Rodney Joffe, says, “With the pandemic exacerbating the sheer volume of threats and the nature of remote workforces creating a broader range of vulnerabilities, it is more critical than ever that organisations have access to actionable, contextualised, near real-time threat data to power the network and application security tools they use to detect and block malicious actors."
Joffe says, “A timely, actionable and highly relevant security threat data feed can help deliver curated insights to security teams, allowing them to better identify and mitigate risks such as malicious domain generation algorithms, suspicious DNS tunnelling attempts, sudden activity by domains with little or no history, and hijacked or spoofed domains.”