Many chief information officers (CISOs) are concerned about dark web threats but do little about them, according to a new report from Searchlight Cyber.
The dark web intelligence firm recently surveyed more than 93 CISOs working at large enterprises and found that 72% were concerned about dark web threats, and XNUMX% believed intelligence on cybercriminals was "essential." " in efforts to protect your organization's endpoints (opens in new tab) and data from hackers.
But aside from collecting information about these groups, their tools, networks, MOs, etc., they don't do much about it.
Worth it
That being said, the researchers say that 71% of CISOs would like to see if their vendors are targeting the dark web. In fact, only a third (32%) of those who collect intelligence on the dark web use it to investigate attacks in their supply chain.
For Ben Jones, CEO and co-founder of Searchlight Cyber, companies still have a lot of work to do, but it could pay off: "What's important is the clear pattern emerging between the collection of more threat intelligence and dark data ". web, and a better security posture,” he said.
"For UK companies that have not identified the dark web intelligence opportunity, the results are clear: collecting dark web intelligence will help them better understand their adversaries and increase their chances of spotting an offensive."
Digging deeper into the results, the researchers found that companies in different industries react differently to dark web threats. Most of those in the financial sector (85%) already collect data from the dark web, while the healthcare sector lags behind with 57%. The oil and gas industry could also do better, as only two-thirds (66%) of CISOs say they collect data from the dark web.
Therefore, CISOs are not as confident as they could be in stopping cyberattacks. Only 60% of CISOs in healthcare and 74% of those in the oil and gas industry believe they correctly understand their opponents' profiles, which is well below the industry norm of 77%.
It is "imperative that these organizations start monitoring the dark web, spotting early warning signs of attacks, and improving their security posture based on a better understanding of their adversaries," Jones concluded.
- Remove viruses and malware with the best malware removal(Opens in a new tab)