Two-thirds (66 percent) of threat intelligence analysts are active in professional communities, but 52 percent of those in IT and cybersecurity positions do not have permission to share threat intelligence artifacts created by them Communities were discovered. This emerges from the current Kaspersky report “Managing your IT security team” [1].
Kaspersky has been an advocate of international collaboration in cyberspace for many years and has initiated collaborative initiatives in the global IT security community [2]. The company sees this approach as the best way to protect against evolving cyber threats. Kaspersky therefore surveyed 5,200 IT and cybersecurity experts worldwide to find out whether other companies are willing to collaborate and share threat intelligence.
The study shows that respondents with responsibility for threat intelligence analyzes in particular are increasingly participating in specialized forums and blogs (45 percent), dark web forums (29 percent) and social media groups (22 percent).
However, when it comes to sharing their own findings, only 44 percent of those surveyed actually made their findings public. In companies that allow such information to be shared externally, 77 percent of security analysts shared their findings. Almost a tenth (8 percent) even shared this, although this is prohibited by their company.
Such restrictions are partly due to concerns that cyber criminals may learn they have been detected and change their tactics if some objects are publicly known before a company can respond to an attack. To support IT security teams in analyzing suspicious objects without running the risk of their investigations being uncovered, Kaspersky offers a protected submission mode via the free access to the Kaspersky Threat Intelligence Portal. With this option, corresponding samples can be passed on to an analyst without cybercriminals knowing about it.
“Any information about cybersecurity threats – be it new malware or knowledge of the techniques used – is valuable in protecting against advanced attacks,” said Anatoly Simonenko, Group Manager, Technology Solutions Product Management, Kaspersky. “That’s why we always make our threat research findings available through our information resources and threat intelligence services. We encourage security analysts to help others in the same way. “
The full Kaspersky report “Managing your IT security team” at https://www.kaspersky.com/blog/it-security-economics-2020-part-4/
[1] https://www.kaspersky.com/blog/it-security-economics-2020-part-4/
[2] https://www.kaspersky.com/about/policy-blog/general-cybersecurity/supporting-paris-call
–
/nginx/o/2021/03/11/13673596t1h336d.jpg?resize=150%2C150&ssl=1 "airBaltic plans to receive seven more Airbus aircraft by the end of this year – in Latvia – News")