Enterprise Strategy Group Study Reveals Most Organizations Overwhelmingly Value Threat Intelligence Sharing

San Mateo, CA, May 20, 2015 (Newswire.com) - Vorstack, a leading Threat Intelligence Platform provider for automation, curation and collaboration of threat intelligence to fight cyber threats, today announced results from Enterprise Strategy Group’s (ESG) Threat Intelligence Survey. The study found that most respondents overwhelmingly (94 percent) believe it is highly or somewhat valuable to share threat intelligence information between federal agencies and other private organizations. However, only 37 percent of respondents’ organizations regularly share internally driven threat intelligence with other organizations or industry Information Sharing and Analysis Centers (ISACs).

The Threat Intelligence Survey was independently conducted by ESG, an integrated IT research, analyst, strategy, and validation firm, to gain a deeper insight into threat intelligence programs and planned future activity. The study analyzed responses from more than 300 online surveys from IT and security professionals who are directly involved in the planning, implementation, and/or daily operations of their organization’s threat intelligence program, processes, or technologies. Participating organizations were North American based with more than 1,000 employees, spanning financial, business services, manufacturing and retail vertical markets. To see the results released today, please see:
http://vorstack.com/wp-content/uploads/2015/05/ESG-Threat-Intelligence-Research-overview-5-15-2015.pdf

"There is clearly an understood value in leveraging threat data, but organizations are finding it difficult to collect, analyze and pinpoint critical threats. According to our research, automation is needed for organizations to wade through the mass of alerts they receive, and standards are needed for the secure sharing of threat intelligence."

Jon Oltsik, ESG senior principal analyst

“There is clearly an understood value in leveraging threat data, but organizations are finding it difficult to collect, analyze and pinpoint critical threats,” said Jon Oltsik, ESG senior principal analyst. “According to our research, automation is needed for organizations to wade through the mass of alerts they receive, and standards are needed for the secure sharing of threat intelligence.”

For more information on the study, contact Stu Elefant, Strategic Account Director at ESG, at stu.elefant@esg-global.com

Additional key findings of the study include:

- Nearly three-quarters (72 percent) of participants responded that spending on their organization’s threat intelligence program will increase significantly or somewhat in the next 12 to 18 months.

- Participants responded that 72 percent of their organizations plan to collect and analyze significantly or somewhat more internal threat intelligence over the next 12 to 24 months; while 55 percent of their organizations plan to collect and analyze significantly or somewhat more external threat intelligence over the next 12 to 24 months.

- However, organizations face challenges with collecting and analyzing external threat intelligence. Some of the top challenges include: threat intelligence is collected and analyzed by different individuals/tools so it is difficult to get a holistic picture of internal and external threats (32 percent); organizations inadvertently block legitimate traffic as a result of a problem with threat intelligence collection/analysis (32 percent); threat intelligence collection and analysis workflow process and integration problems (31 percent); and threat intelligence isn’t always as timely or actionable as respondents need it to be (28 percent).

- Nearly all participants (97 percent) responded that standards are very important or somewhat important for their organizations to consume threat intelligence.

“The idea around sharing threat intelligence among organizations is rapidly gaining traction,” said Anne Bonaparte, CEO of Vorstack. “To achieve this, organizations need a holistic picture of internal and external threats for the enterprise, and the ability to share threat intelligence among organizations in a manner that is secure, anonymous, non-attributed and standards based. Our customers have found that sharing with ISACs and other trusted groups using our VorstackTM Trusted Circles delivers immediate value and actionable results to remediate.”

About ESG
Enterprise Strategy Group (ESG) is an integrated IT research, analysis, and strategy firm that is world-renowned for providing actionable insight and intelligence to the global IT community. Recognized for its unique blend of capabilities—including market research, hands-on technical product validation, and expert consulting methodologies such as the ESG Strategy Lifecycle—ESG is relied upon by IT professionals, technology vendors, investors, and the media to clarify the complex. For more information visit:  www.esg-global.com.

About Vorstack
Vorstack provides a Threat Intelligence Platform that automates the process of collecting, analyzing, correlating and securely sharing structured and unstructured machine-readable information on current and emerging cyber threats. The Vorstack Automation and Collaboration Platform dramatically increases operational efficiency by reducing the time it takes enterprises to identify and remediate security threats. Vorstack enables secure and anonymous collaboration and ensures control and protection of shared information. Vorstack reduces discovery time, remediation time, and overall risk to cyber-threats. For more information, visit www.vorstack.com.

###