Two-thirds (69%) of threat intelligence (TI) analysts in the META region are involved in professional communities, but (44%) of all those working in IT and cybersecurity roles are not allowed to share threat intelligence artifacts discovered through those communities, a new Kaspersky report, ‘Managing your IT security team’ has found.
Kaspersky is a long-time advocate for international collaboration in cyberspace and contributes to joint initiatives across the global IT security community.
Kaspersky surveyed more than 5,200 IT and cybersecurity practitioners globally for this report, to see if other businesses were ready to collaborate and share TI.
The research found that respondents with TI analysis responsibilities, in particular, are likely to participate in specialised forums and blogs (48%), dark web forums (32%) or social media groups (28%).
But when it comes to sharing their own findings, only (49%) of respondents have actually made their discoveries public. Conversely, in companies where external sharing is allowed, (81%) of security analysts did so. In 8% of cases, security analysts even shared TI findings despite it being prohibited by the organisation they work at.
“Any piece of information – be it new malware or insights on techniques used – is valuable when protecting against advanced threats. That’s why we constantly make our threat research findings available via our information resources and through our TI services. We encourage security analysts to also give a helping hand to others in the same collaborative way,” said Anatoly Simonenko, Group Manager, Technology Solutions Product Management, Kaspersky.