According to KELA's State of Cybercrime Threat Intelligence 2022 Report, 54% of cybersecurity professionals wouldn’t be surprised to find their organization’s data on the cybercrime underground, while only 38% believe that they’re very likely to detect it if it was released. 48% have no documented cybercrime threat intelligence policy in place.
We sat down with David Carmiel, CEO, KELA to discuss the report in more depth and talk about what organizations can do to fortify their cyber threat intel strategies.
What are the biggest challenges facing threat intel experts today?
According to our findings, the biggest challenge security practitioners face when monitoring cybercrime underground, is not having system or browser isolation, which can put them at risk if they try to tap into cybercrime sources from their own network. Another challenge they face is a lack of training or expertise among their ranks who can conduct knowledgeable and efficient cybercrime monitoring.
Additionally, we found they are not satisfied with their visibility into the cybercrime underground. For half of the respondents, the tools they use today just aren't giving them the visibility into the cybercrime underground that they desire in order to conduct thorough threat assessments. However, of the 51% who were satisfied with their visibility into the cybercrime underground, they still didn't have the processes or expertise to leverage that visibility, as 39% were still unable to prevent an attack.
How was this report compiled?
Starting on April 10, 2022, we surveyed 426 security professionals directly responsible for managing cyber vulnerabilities in their day-to-day work. The survey was conducted online via Pollfish using organic sampling. To provide greater context around the findings presented in this report, we offer more details about who we surveyed and the methodology used. Learn more about the Pollfish methodology here.
What did this report find?
We found organizations may be less prepared for threats emerging from the cybercrime underground than they should be. At KELA, our extensive intelligence expertise has shown us just how complex the cybercrime underground really is. The threats are much more comprehensive, and what organizations know and refer to as the dark web is changing within the hour. With these findings, we hope to proactively educate the security community about the state and future of cybercrime so they can stay ahead of the curve.
Report Key Findings:
69% are concerned about threats from the cybercrime underground.
54% wouldn’t be surprised to find their organization’s data on cybercrime underground.
Only 38% believe that they’re very likely to detect it if it was released.
48% have no documented cybercrime threat intelligence policy in place.
Only 41% believe their current security program is very effective.
49% are not satisfied with the visibility they have of the cybercrime underground.
Of the 51% who were satisfied with their visibility into the cybercrime underground, 39% were still unable to prevent an attack.
Additional training and proficiency in cybercrime intelligence investigations is the most needed capability.
What was most surprising about the findings of the report?
One of the most surprising findings was how few respondents felt they could detect their data on the dark web. Only 38% of respondents believe that they’re very likely to detect their organization’s private data if released to the cybercrime underground. Additionally, 52% said they would not be surprised themselves to learn that data had been released to the dark web.
What should organizations do to fortify their cyber threat intel strategies?
Define Priority Intelligence Requirements (PIR) and establish scope. For example, it’s critical to establish the crown jewels your organization wants to protect and the threats you need to identify. From here, choose tools (in-house and external) and partners that can help in the process and leverage automation when possible to be able to focus on the right things and provide context to your stakeholders on top of the actions you recommend them to take.