Many organizations fail to properly interpret IT security threat data or to share threat intelligence, and are unable to turn that data into actionable insights. The result is that many cyber defense systems are ill-prepared to handle the growing number of threats they experience.
Those are among the findings of a new cyber security study from McAfee Inc., “McAfee Labs Threat Report: April 2017,” which noted a huge increase in the number and variety of cyber threats experienced by organizations today.
“The security industry faces critical challenges in our efforts to share threat intelligence between entities, among vendor solutions, and even within vendor portfolios,” notes Vincent Weafer, vice president of McAfee Labs. “Working together is power. Addressing those challenges will determine the effectiveness of cybersecurity teams to automate detection and orchestrate responses, and ultimately tip the cybersecurity balance in favor of defenders.”
The McAfee Labs report contains a number of dramatic statistics:
- Total Mac OS malware grew 744 percent in 2016
- Mac OS malware grew by 245 percent in Q4 of 2016 alone
- 176 new cyber threats were detected every minute, almost three every second in Q4 2016
- Ransomware grew 88 percent in 2016
- Mobile malware grew 99 percent in 2016
- Overall malware grew 24 percent in 2016
- While still a minute fraction compared to Windows threats, new Mac OS malware samples grew 245 percent in Q4 2016
- Total malware samples grew 744 percent in 2016
The report cites a number of challenges to threat intelligence sharing and the effective use of IT security data. The first and most obvious is the sheer volume of cyber security threats now occurring. Beyond that, threat assessment tools need to capture richer data on threat patterns and do so more quickly.
Attackers may file false threat reports to mislead or overwhelm threat intelligence systems, the report says, and data from legitimate sources can be tampered with.
Most importantly, the failure to identify threat patterns and key data points in threat data makes it impossible to turn threat data into intelligence to inform cyber security defense teams, the report concludes.