Knowing the enemy has always been important to winning battles, but gaining the right insight at the right time is much easier said than done in the fight against hackers. A new survey of the organizations on the front lines conducted by the Ponemon Institute and sponsored by Webroot, Inc. reveals that there is still a lot of room for improvement.

Two thirds of the nearly 700 technology professionals that the research group asked about their companies’ threat intelligence policies acknowledged the importance of keeping up with the movement of attackers, but many are struggling to do so in practice. As a result, an alarming 47 percent admitted that it is not an essential part of the security strategy where they work.

The root cause, according to the study, lies in inability to understand or use data. Only 11 percent of participants gave the threat intelligence that they collect the highest score for usefulness, a figure that drops to nine percent on accuracy and eight percent when it comes to timeliness. Ponemon placed much of the responsibility for these shortfalls with the vendors that organizations count on to protect their networks.

A full 85 percent of respondents expressed discontent with the quality of information they get from external intelligence sources, confidence that falls even further in the context of free feeds such as that Facebook Inc. is currently working to create. But organizations can’t place all the blame externally.

Only about one in six of the practitioners who took part in the study told Ponemon that their internal mechanisms for reacting to external information on malicious activity is effective. That figure jumped by just 10 points when the group asked the participants how they handle internally generated data, which the report reveals is by and large the primary focus of threat intelligence efforts.

Unsurprisingly, the struggle of organizations to collect relevant information on malicious activity has a direct impact on their overall security, with only 35 percent of respondents rating their employers’ cyber defenses as strong. But while the current situation is bleak, there is also ample reason for optimism.

Despite the fact that most of the participants in the study indicated they’re not anywhere close to making the most out of the threat intelligence at their disposal, they also blocked an average of 35 attacks since starting to track hackers that they likely wouldn’t have caught before. As a result, 45 percent are increasing the amount of information they’re collecting and 34 percent plan to spend “significantly” more on that part of their security operations.

The industry is on the right track, yet there is clearly a long way to go until organizations are caught up to the new realities of the modern security landscape. To that end, Ponemon stresses in its report the need to invest not only in new technologies and data but also the talent required to take full advantage of those assets.

photo credit: *sax via photopin cc