Mar 19, 2020 SOURCE: PR NewsWire

Cyber Threat Intelligence: Analysts Undertrained, Unsupported

REDWOOD CITY, Calif., March 19, 2020 /PRNewswire/ -- 85% of Cyber Threat Intelligence (CTI) professionals have received little or no training for online activities critical to ensure corporate and public safety, according to the new 2020 Cyber Threat Intelligence Report.

The report, which was introduced today, is based on a survey among 338 CTI analysts and practitioners. It is published by market research firm Cybersecurity Insiders and sponsored by Authentic8, the leading provider of web isolation and research solutions with managed attribution for security teams in public and commercial sectors.

The report provides a rare glimpse into the world of cyber threat intelligence production and management. CTI researchers rely to a high degree on collection and analysis of Open Source Intelligence (OSINT) - data and insights gathered from publicly available sources.

Conducting CTI research, whether on behalf of a Network Security Operations Center, fraud investigation department, or public safety team, carries inherent risks. 83% of cyber threat intelligence analysts use a web browser as their primary tool for conducting research, the report shows, yet how they access to the web remains both insecure and attributed to the organization.

The survey results reveal that most CTI practitioners lack training, tools and internal oversight. Highlights from the report include:

    --  34% of respondents didn't have any prior experience with OSINT-related
        research;
    --  85% reported they received little or no training in OSINT techniques and
        risk prevention from their current employer;
    --  55% are venturing into the Dark Web as part of their OSINT activity 10
        or more times per month;
    --  38% do not use managed attribution tools to mask or hide their online
        identities or personas;
    --  29% report no oversight procedures to ensure that tools are not being
        abused by analysts.

"We wanted to understand how well organizations prepare their researchers to explore the web," said Scott Petry, Co-founder and CEO of Authentic8. "These findings show that they are ill-equipped for their mission. Individuals may have some prior experience, but as a group, they're not trained, equipped, or tasked sufficiently. Analysts are at the front lines, and if they're not equipped properly, their actions can put organizations at risk."

CTI professionals are frequently exposed to websites harboring online exploits, such as malware, as well as to attribution, de-anonymization, and counterintelligence efforts by adversaries.

As more organizations are realizing that proper risk management requires external assessment of the threats they are facing, they are turning to primary information analysis functions for better situational awareness.

CTI professionals conduct their research in dark corners of the internet. Many are regularly exposed to websites harboring online exploits. Additionally, adversaries with control over the destination websites where research is conducted can perform de-anonymization and counterintelligence actions which expose identity and intent of the researcher - and that's a growing problem, according to Petry.

"It's surprising that so many organizations - almost 30% - don't even monitor their CTI employees as they traverse the web," added the Authentic8 CEO. "That's a compliance violation or abuse of resources waiting to happen."

The field is evolving, according to Holger Schulze, CEO and Founder of Cybersecurity Insiders: "We're excited to see how rapidly CTI is turning into a pillar of security and public safety functions across the board in a variety of industries. Our report reflects that dynamic."

"This new data comes as a timely reality check," commented Jake Williams, a SANS Institute Analyst and President and Co-Founder of Renditions Infosec, who helped design the survey. "Lessons learned from this survey can be building blocks for improving operational security and collaborative efficiency on CTI teams."

About Authentic8

Authentic8 enables anyone, anywhere, on any device to experience the web without risk. Founded by the principals from Postini, acquired by Google in 2007, Authentic8's Web Isolation Platform, Silo, brings a "trust nothing" stance toward the underlying systems and resources we interact with online daily.

The Silo Web Isolation Platform separates the things you care about like apps, data and devices, from the things you cannot trust like external websites, users and unmanaged devices. Silo executes all web code in a secure, isolated environment that is managed by policy, to provide protection and oversight.

Today, the world's most at-risk organizations rely on Silo to deliver trust where it cannot be otherwise guaranteed. Learn more at www.authentic8.com.

View original content to download multimedia:http://www.prnewswire.com/news-releases/cyber-threat-intelligence-analysts-undertrained-unsupported-301026530.html

SOURCE Authentic8

Related News

Authentic8 Launches OSINT Academy to Improve Readiness and Effectiveness of Research

Analyst1 Wages War on Cybercrime with Next Generation Threat Intelligence Platform

Advanced Intelligence LLC Releases Revolutionary Threat Prevention & Loss Avoidance Platform

SANS 2021 Cyber Threat Intelligence (CTI) Survey Results

Swedish intelligence says 'security' threat worst since 1980s

Cobwebs' Threat Intelligence Solutions

Sixgill Recognized by Frost & Sullivan for its Unique Cyber Threat Intelligence Platform

Cellebrite Rebrands Digital Intelligence Solutions Suite

View all News

Latest Procurements

ACMA-Vehicle fit out

The Commonwealth of Australia represented by The Australian Communications and Media Authority (ACMA) intends to replace its current fleet of monitoring vehicles to support ongoing and future agency business functions....

SIAP SIAGA (Australia-Indonesia Partnership in Disaster Risk Management - Phase II)

Booderee National Park Wreck Bay Road Upgrade

View all Procurementsp