Understanding adversaries through dark web intelligence
93 percent of CISOs are concerned about dark web threats, and almost 72 percent of CISOs believe that intelligence on cybercriminals is “critical” to defend their organization and increase cybersecurity, according to Searchlight Cyber.
The report findings show that most CISOs use threat intelligence to address security concerns, and 79 percent of CISOs are currently gathering data from the dark web. However, the research suggests that even among those that are already collecting dark web data, there is more work to be done in using it to overcome some of the greatest cybersecurity challenges.
For example, while 71 percent of CISOs reported a desire to see whether their suppliers are being targeted on the dark web, only 32 percent of those that are gathering dark web data are using it to monitor for attacks against their supply chain.
Tackling dark web threats
The research also found that US organizations are further ahead than their UK counterparts in tackling dark web threats:
- 80 percent of US enterprises are gathering threat intelligence, compared to 72 percent in the UK.
- US enterprises are also more likely to use dark web data sources (84 percent vs 75 percent in the UK).
- Consequently, 85 percent of US CISOs said that they feel confident that they understand the profile of their adversaries, compared to 70 percent of CISOs in the UK.
Commenting on the findings, Ben Jones, CEO of Searchlight Cyber, said “Our survey suggests that the US is slightly ahead of the UK in the adoption of dark web intelligence. What is significant is the clear pattern that emerges between gathering more threat intelligence and data from the dark web, and a better security posture. For the UK enterprises that haven’t identified the opportunity of dark web intelligence the results make it crystal clear: gathering dark web intelligence will help them gain a better understanding of their adversaries and increase their chances of spotting an attack.”
Industry sectors respond differently to threats
- The finance industry leads the adoption of dark web intelligence with 85 percent of financial organizations already gathering data from the dark web, followed closely by manufacturing (83 percent), IT and Telecoms (80 percent), and professional services (80 percent).
- The healthcare industry is significantly behind other industries, with only 57 percent of healthcare organizations using dark web intelligence in their security strategy. The oil and gas industry is also behind other “high risk” sectors, with 66 percent of CISOs saying they gather data from the dark web.
- Consequently, only 60 percent of healthcare CISOs and 74 percent of oil and gas CISOs are confident about understanding the profile of their adversaries, lower than the industry average of 77 percent.
“It is likely that health and energy organizations may not have historically considered themselves the primary target for financially motivated cyberattacks emanating from the dark web,” added Jones.
“However, the cybersecurity landscape has changed dramatically over the past few years and threat actors are no longer just focusing on asset-rich organizations like banks and insurance companies. As recent incidents have shown us, they are increasingly targeting enterprises in industries such as healthcare, oil and gas, and manufacturing to leverage the critical nature of these companies, and extort ransoms. This makes it an imperative for these organizations to begin monitoring the dark web, to spot the early warning signs of attack, and improve their security posture based on a better understanding of their adversaries,” Jones concluded.