top of page
Search

A widening gap between cybersecurity capabilities and needs

  • Survey of enterprise cybersecurity executives indicates a widening gap between cybersecurity capabilities and needs - making the case for a new way of thinking

  • Poor data quality, blindspots, lack of context and dark web knowledge gaps plague cyber threat intelligence according to Cybersixgill, Dark Reading report


Cybersixgill, the leader in threat intelligence enablement, has partnered with Dark Reading to produce the 2021 State of Threat Intelligence report. The report found that while the area of deep and dark threat intelligence is gaining traction across the cybersecurity industry, many are struggling with a large knowledge gap regarding deep and dark web intelligence collection, the importance of intel freshness, the speed and rate of collections, as well as their overall impact on an organization's cybersecurity programs and posture.


77% of organizations have at least one dedicated threat intelligence analyst, and 54% have more than five. Yet an overwhelming 48% of organizations struggle with inaccurate data and 46% with stale data. More than half state they don't have access to closed and invite-only forums, and nearly a third said they don't receive intelligence from deep and dark web sources.



"The deep and dark web is the world's third largest economy after the US and China. In other words, if you're a cyber criminal - you have to be there," Meira Primes, CMO of Cybersixgill. "Organizations are drowning in irrelevant data, false positives and lack of 'big picture' understanding. Those who fail to adapt and act accordingly will not be able to advance their cyber defense strategy and protect their organization against cyber threats.


The report surveyed 106 cybersecurity executives at large enterprises, covering various aspects of threat intelligence from common use-cases to operational challenges.


Additional findings include:

  • Multiple Breaches: 25% of organizations have experienced six or more security breaches in the previous 12 months.

  • Long time to action: 35% of organizations say it takes 12 hours or more to supplement new threat intelligence data with enough research to begin escalating and remediating incidents.

  • Drowning in data: 35% of organizations use seven or more threat feeds at a time.

  • Time wasted on false Positives: 95% of organizations waste anywhere from one hour to five days per week per analyst on false positives.

  • Obsolete data impacting almost half of the organizations: 48% of organizations struggle with inaccurate threat intelligence data and 46% with stale data.

  • Lack of context: 40% of organizations cite lack of context as the biggest source of dissatisfaction in threat intelligence.


The report suggests that cybersecurity professionals might have to shift the way they approach threat intelligence and implement a modern methodology that includes automating collection, analysis, research, and response in order to minimize the amount of manual labor it takes to truly operationalize threat intelligence.


In addition, the report recommends a set of baseline criteria for enterprises evaluating threat intelligence feeds. Intelligence, the research shows, should be continuous, iterative, contextual, and operationally integrative.


Cybersixgill developed its agile threat intelligence methodology, Continuous Investigation/ Continuous Protection (CI/CP), to help organizations accelerate incident detection and response by connecting the dots between the tactical incident and its strategic and operational impact. With CI/CP, security teams cut through the overwhelming tide of threat intelligence with automation and insight to fuel mitigation, investigation, and response.


"Threat intelligence simply hasn't kept pace with data collection and analysis capabilities," said Cybersixgill VP Intelligence, Omer Carmi. "We developed CI/CP to modernize the roles of cyber security executives and bring agility to the cyber chain of command. With CI/CP, security teams can maximize performance, break organizational silos, accelerate cyber operations and shift into a continuous state of improved resiliency to stay ahead of the threat curve. In other words: Better results, faster - time and again."



About Cybersixgill


Cybersixgill's fully automated threat intelligence solutions help organizations fight cyber crime, detect phishing, data leaks, fraud and vulnerabilities as well as amplify incident response – in real-time. The Cybersixgill Investigative Portal empowers security teams with contextual and actionable insights as well as the ability to conduct real-time investigations. Rich data feeds such as Darkfeed™ and DVE Score™ harness Cybersixgill's unmatched intelligence collection capabilities and deliver real-time intel into organizations' existing security systems. Most recently, Cybersixgill introduced agility to threat intel with their CI/CP methodology (Continuous Investigation/Continuous Protection). Current customers include large, global enterprises, financial services, MSSPs, governments and law enforcement entities.


SOURCE: Cybersixgill


Comments

connexion_panel_edited.jpg
CXO_8-in-1.png
subscribe_button.png

Disclaimer: The "Industry Events" section in Inno-Thought website serves as a platform for event organizers and vendors to list their events for free. Ho Hon Asia reserves the right, at its discretion, to not proceed with publication/posting at any time or to remove the content following publication.

 

By providing your email address and submitting this form, you agree to receive updates about the event listed, including schedule changes, reminders, and important information.

 

The event information contained in the listing above is for reference only. While we have made every attempt to ensure that the info has been obtained from reliable sources, we are not responsible for any errors or omissions, or for the results obtained from the use of this info. In no event will Ho Hon Asia Limited, its related partnerships or corporations, or the partners, agents or employees thereof be liable to you or anyone else for any decision made or action taken in reliance on the information in this site or for any consequential, special or similar damages, even if advised of the possibility of such damages.

 

Information subject to change; check official sources. The Organisers reserve the right to modify the Event program, schedule, speakers, and activities without prior notice.

 

Also, the event organizers reserve the right to accept or reject any registration application at its sole discretion, without providing reasons or explanation. Submission of a registration does not guarantee participation in the event.

2026 @ Inno-Thought and its affiliates. All rights reserved.

bottom of page