Market Overview

ESG Research Highlights Growing Cybersecurity Operational Challenges Despite Increase in Spending


ThreatQuotient™, a trusted threat intelligence platform innovator, today
unveiled research
from Enterprise Strategy Group's (ESG) 2017 Next-Generation
Analytics and Operations Study. The study, which involved a survey of
more than 400 IT and cybersecurity professionals, found that 72 percent
feel cybersecurity analytics and operations is more difficult today than
it was two years ago, and that the rapidly evolving threat landscape and
growing volumes of security alarms are the most common challenges facing
enterprises today. Despite increased spending, organizations are still
looking for ways to increase efficiency and improve risk management.
ESG's research revealed that 31 percent of organizations are looking to
use threat intelligence to help automate remediation tasks.

According to ESG, 89 percent of organizations use external threat
intelligence, but IT professionals are still feeling that cyber
adversaries are moving faster than network defenders can keep up. These
challenges are amplified due to almost half of the organizations
reporting a problematic shortage of cybersecurity skills, and admitting
they still rely on manual processes and individuals to aggregate and
analyze threat intelligence. While analysts work to combine more and
more external threat data with internal data and events, organizations
will continue to feel as though they are falling behind their
adversaries. This need to combine and leverage data is driving

"These findings demonstrate that while in its infancy, the value of
threat intelligence as part of an integrated security operations
strategy is critical," said Jonathan Couch, SVP Strategy,
ThreatQuotient. "Achieving meaningful threat operations and overcoming
common challenges, such as unmanageable amounts of data and alerts,
requires the use of a threat intelligence platform to continuously
assess threats and prioritize those that are most important and relevant
to an organization."

Spending is increasing, but so are the challenges of security operations
and analytics. Enterprises are under staffed and feel they do not have
the right people. This is where the true value of a threat intelligence
platform designed to enable threat operations and management comes into
play – by aggregating multiple external and internal threat data
sources, reducing noise and maximizing existing security investments,
defenders are able to improve focus and efficiency by knowing exactly
what to work on first.

"One of the reasons today's approach to cybersecurity operations is not
working is because it is based on too many tools and manual processes,"
added Jon Oltsik, Senior Principal Analyst, ESG. "Leading companies are
realizing this, and moving towards a model based on a Security
Operations and Analytics Platform Architecture (SOAPA). Utilizing threat
intelligence as a critical component to blend internal and external
threat data by integrating network and endpoint tools can help
organizations reach their goals of operationalizing cyber threat
intelligence in real time for risk mitigation and incident response."

Couch and Oltsik will host a webinar on July 19, 2017 at 2:00pmET to
analyze ESG's latest research, address why security analytics and
operations becomes more difficult annually, and recommend beneficial
cyber threat intelligence best practices. Registration and more
information about the webinar, Using Threat Intelligence to Improve
Security Operations,
can be found here.

About Enterprise Strategy Group

Enterprise Strategy Group (ESG) is an integrated IT research, analysis,
and strategy firm that is world-renowned for providing actionable
insight and intelligence to the global IT community. Recognized for its
unique blend of capabilities—including market research, hands-on
technical product validation, and expert consulting methodologies such
as the ESG Strategy Lifecycle—ESG is relied upon by IT professionals,
technology vendors, investors, and the media to clarify the complex.

About ThreatQuotient

ThreatQuotient™ understands that the foundation of intelligence-driven
security is people. The company's open and extensible threat
intelligence platform, ThreatQ, empowers security teams with the
context, customization and prioritization needed to make better
decisions, accelerate detection and response and advance team
collaboration. Leading global companies use ThreatQ as the cornerstone
of their threat operations and management system, increasing security
effectiveness and efficiency. For more information, visit

View Comments and Join the Discussion!