Facing too many threats also means having too much data to analyze, and when you don’t have enough skilled security analysts to grasp just what the heck is going on, you have a huge vulnerability problem on your hands.
That’s according to the new Threat Intelligence Benchmark, a commissioned study conducted by Forrester Consulting on behalf of Google Cloud. It investigated the threat intelligence practices of more than 1,500 IT and cybersecurity leaders from eight countries and across 12 industries.
In short, most surveyed leaders admitted they believed their organizations were now vulnerable to cyberattacks and were actually stuck in a reactive state.
“Rather than aiding efficiency, myriad threat intelligence feeds inundate security teams with data, making it hard to extract useful insights or prioritize and respond to threats,” said the study.
“Security teams need visibility into relevant threats, AI-powered correlation at scale, and skilled defenders to use actionable insights, enabling a shift from a reactive to a proactive security posture.”
Of the poll’s respondents, 61% said that their teams are overwhelmed by the sheer volume of information. 60% said they don’t have enough skilled analysts to crunch all of that data, and 59% said it’s difficult to verify the validity and relevancy of threats.
In other words, too many feeds are supplying raw intelligence, but cybersecurity pros can’t effectively interpret and act on it. Naturally, they’re worried they could miss “critical needles in the haystack,” the report says.
Companies in manufacturing are the most worried about missing real threats due to too much data and alerts. Eighty-nine percent of respondents from this sector said that they are “concerned” or “very concerned.”
The concern is definitely justified. The FBI’s latest Internet Crime Complaint Center annual report (PDF) said that ransomware gangs hit manufacturing especially hard in 2024, with 218 reported breaches.
86% of respondents agreed that they “must” use AI to improve their ability to operationalize threat intelligence.
“We believe the key is to embed threat intelligence directly into security workflows and tools, so it can be accessed and analyzed quickly and effectively,” Google Cloud says.
“AI has a vital role in this integration, helping to synthesize the raw data, manage repetitive tasks, and reduce toil to free human analysts to focus their efforts on critical decision-making.”
Indeed, 86% of respondents agreed that they “must” use AI to improve their ability to operationalize threat intelligence. When asked about the benefits of using AI in threat intelligence, improving efficiency by generating easy-to-read summaries was cited most frequently (69%).
Your email address will not be published. Required fields are markedmarked