Intelligent CISO Issue 61 | Page 37

FEATURE
Why is threat intelligence important and why should CISOs integrate this into their business strategies ?
The cybersecurity landscape is constantly evolving , and threat intelligence serves to collect information on attacker motives , exploit capabilities , malware code , infrastructure and resources . To protect businesses from threats , cybersecurity researchers continually seek out intelligence on the next potential attack . Hackers and threat intelligence researchers are still playing the proverbial cat-and-mouse game where researchers find and remediate threats and attackers find new ways to bypass defences , thus incorporating threat intelligence into your cybersecurity strategy is crucial if you want to attempt to stay ahead of attackers . The Proofpoint Threat Hub is a great free resource for the latest threat intelligence .
The State of Phish Report revealed some of the biggest regional cyberthreats across 15 countries . What surprised you most about the results ?
When you ’ ve worked in cybersecurity for a while one of the most surprising parts of the research that goes into State of the Phish is user awareness of cyberthreats – or the lack thereof . Even basic cyberthreats are still not well understood – more than a third of survey respondents cannot define ‘ malware ’, ‘ phishing ’ and ‘ ransomware ’. Also , nearly half ( 44 %) of employees indicate they think an email is safe when it contains familiar branding and 63 % think an email address always corresponds to the matching website of the brand .
In addition , although ransomware is nothing new , it continues to wreak havoc globally . The report revealed that eight-out-of-10 UK organisations ( 82 %) experienced an attempted ransomware attack in 2022 with 62 % suffering a successful infection , and of those infected , just 33 % of organisations were able to regain access to data after paying a ransom . Looking at this from an EMEA lens , there are some surprising differences . While Swedish organisations were the most likely to pay ransomware demands ( 80 % vs . a 64 % global average ), UK organisations fared worse overall when compared to all 14 countries . Not only did they fail to get access to their data after payment ( 33 % vs . 52 %), but their cyberinsurance claims were denied most often ( 23 % vs 7 %). www . intelligentciso . com
37