Less than half of cybersecurity experts are sharing information with each other, even though the overwhelming majority who are see great benefits from doing so

 
Hayley Kirton
Follow Hayley
Largest Internet Cafe in Times Square
Those who are sharing are most likely to be talking about malware behaviour (Source: Getty)

Clearly nobody ever told IT departments that to share is to care, as less than half of cybersecurity experts share information on threats with others in their profession.

According to research released today from McAfee Labs, the threat research division of Intel Security, only 42 per cent of the cybersecurity professionals they surveyed use shared threat intelligence, despite 97 per cent of those who do saying it helps them provide a better service for the company they work for and 59 per cent saying the shared data was "very valuable" to their organisation.

Types of threat information being shared

Behaviour of malware - 72%

URL reputations - 58%

External IP address reputations - 54%

Certificate reputations - 43%

File reputations - 37%

For those who shared information, the most popular tip-off to disclose was about malware behaviour, with almost three-quarters (72 per cent) saying they had shared this. This was followed by URL reputations (58 per cent) and external IP address reputations (54 per cent).

"Cyber threat intelligence (CTI) sharing is a crucial strategy to ensure that enterprises across entire industries are able to learn from each other and set up proactive defences to safeguard both their corporations and the industry as a whole," said Raj Samani, EMEA technology chief at Intel Security. "In many cases, advanced stealthy attacks can lay hidden on a network, undetected.

"With corporations proactively sharing details of threats and attacks, similar enterprises will also be able to more rapidly detect threats and correct their systems."

Read more: Adele targeted by hackers

When asked what stopped them from sharing threat information, over half (54 per cent) cited company policies, while 24 per cent said regulations within their industry and 24 per cent said lack of knowledge on how the information would be used.

The report also found that cyberthreats are on the rise, with new ransomware up 26 per in the last quarter of 2015 compared to the third quarter of the year.

"Our report highlights that CTI must overcome the barriers of organisational policies, regulatory restrictions, liability risks, and a lack of implementation knowledge before its potential can be fully realised," added Samani.

Related articles