The deep and dark web is the world’s largest market - and it’s growing. Fast. Cybercriminals keep getting better and security teams are scrambling to win cyber wars on many digital fronts.
A new Dark Reading study, The State of Threat Intelligence, conducted among over a hundred cybersecurity and IT professionals at global enterprises, argues that the current approach to threat intelligence struggles to keep up with the realities of the cybercrime threat landscape - and makes the case for a new way of thinking.
While the area of deep and dark threat intelligence is gaining traction across the cybersecurity industry, many are struggling with a large knowledge gap regarding deep and dark web intelligence collection, the importance of intel freshness, the speed and rate of collections, as well as their overall impact on an organization’s cybersecurity programs and posture.
The report cites that 77% of organizations have at least one dedicated threat intelligence analyst, and 54% have more than five.
Yet an overwhelming 48% of organizations struggle with inaccurate data and 46% with stale data.
For many organizations, the deep and dark web are a blind spot:
32% of organizations say their threat intelligence feeds commonly miss deep web source areas and 30% say they commonly miss dark web source areas
40% say their threat intelligence sources do not cover instant messaging apps
A whopping 51% say their intel sources commonly miss closed forums
50% say their intel sources commonly miss foreign language forums
And that’s not all. The report covers various aspects of threat intelligence from common use-cases to operational challenges. Suggesting that we might have to shift the way we approach threat intelligence and implement a modern, agile threat intelligence methodology that is continuous, fast, iterative, and smart. This means automating collection, analysis, research, and response to minimize the amount of manual labor it takes to truly operationalize threat intelligence.