Threat Intelligence Collaboration on the Rise

Written by

Here’s a bit of good news on the cyber-front: There has recently been a clear increase in the public sharing of cyber-threat intelligence since 2015.

AlienVault, which surveyed 617 participants at Black Hat USA 2017, found that IT security professionals are changing their working practices in light of emerging threats such as polymorphic malware and ransomware that can evade traditional security solutions.

The largest group of respondents (43%) cited ransomware as their biggest security concern; the biggest fear for most participants (38%) was not being able to prevent future infection.

Meanwhile the second-largest group, at 31%, were most worried about malware that’s constantly evolving. Recent studies have found that 97% of successful malware infections employ polymorphic techniques. These shapeshifting capabilities render traditional endpoint security solutions ineffective, as these defenses cannot usually identify and stop new threats that haven’t been seen before.

“For years, security teams have perpetuated the myth that one can create an orderly, protective security bubble around an organization to keep the bad guys out,” said Javvad Malik, security advocate at AlienVault. “But new and emerging threats are challenging this approach. Cybersecurity never stops, so it’s vital that security teams pool their collective expertise by sharing threat intelligence. Spotting potential problems before they escalate is vital to minimizing future damage from cyber-attacks.”

This changing threat landscape has fueled a significant increase in the public sharing of threat intelligence over the past two years. AlienVault has been tracking the sharing of threat data through surveys at security conferences worldwide since 2015, it said, and in 2015, just 8% of Infosecurity Europe conference participants and 14% of those attending Black Hat USA said that they publicly shared details about new threats they discovered. In the 2017 survey of Black Hat conference participants, this percentage had jumped to 17%.

Furthermore, the results also show that security professionals are now trusting the threat intelligence available to them more than they did two years ago. In particular, the number of those who trust open-source threat intelligence has doubled from 15% in 2015 (Infosecurity Europe participants only) to 31% of those surveyed at Black Hat 2017.  

“The harsh reality is that no number of security systems can stop an attack; they can only reduce the risk,” Malik said. “The severity of an attack is therefore determined by how quickly a company can respond to threats as they occur. When security teams can identify potential threats before they strike, it can save a company millions in costly damages to both revenue and reputation. Free tools are often the fastest to spot and identify new threats because they rely on the shared experiences of huge numbers of security teams around the world.” 

Have you registered for Infosecurity North America taking place in Boston, 04-05 October 2017? For the full agenda, speaker list and more information, please visit

What’s hot on Infosecurity Magazine?