Understanding adversaries through dark web intelligence
According to Searchlight Cyber, 93 percent of CISOs are concerned about dark web risks, and over 72 percent believe that intelligence on hackers is “critical” to defending their organization and increasing cybersecurity.
According to the survey findings, the majority of CISOs use threat intelligence to address security concerns, and 79% of CISOs are actively gathering data from the dark web. The research, however, reveals that even among those who are already gathering dark web data, there is still work to be done in order to use it to overcome some of the most difficult cybersecurity obstacles.
For example, while 71% of CISOs said they want to know whether their suppliers are being targeted on the dark web, just 32% of those who collect dark web data use it to monitor for supply chain attacks.
Tackling dark web threats
The study also discovered that US organizations are well ahead of their UK counterparts in fighting dark web threats:
- In the United States, 80 percent of businesses are gathering threat intelligence, compared to 72 percent in the United Kingdom.
- Additionally, US businesses are more likely to employ dark web data sources. (84 percent vs 75 percent in the UK).
- As a result, 85 percent of US CISOs are satisfied that they understand the profile of their adversaries, compared to 70 percent of UK CISOs.
Ben Jones, CEO of Searchlight Cyber, commented on the findings: “Our survey suggests that the US is slightly ahead of the UK in the adoption of dark web intelligence. What is significant is the clear pattern that emerges between gathering more threat intelligence and data from the dark web, and a better security posture. For the UK enterprises that haven’t identified the opportunity of dark web intelligence the results make it crystal clear: gathering dark web intelligence will help them gain a better understanding of their adversaries and increase their chances of spotting an attack.”
Industry sectors respond differently to threats
- The finance industry is the most advanced in terms of dark web intelligence usage, with 85 percent of financial organizations now gathering data from the dark web, closely followed by manufacturing (83 percent), IT and telecoms (80 percent), and professional services (80 percent). (80 percent).
- Only 57 percent of healthcare organizations use dark web intelligence in their security strategy, putting them well behind other industries. The oil and gas industry lags behind other “high risk” industries, with 66 percent of CISOs admitting to gathering data from the dark web.
- As a result, just 60% of healthcare CISOs and 74% of oil and gas CISOs are confident in understanding the characteristics of their adversaries, compared to the industry average of 77%.
“It is likely that health and energy organizations may not have historically considered themselves the primary target for financially motivated cyberattacks emanating from the dark web,” added Jones.
“However, the cybersecurity landscape has changed dramatically over the past few years and threat actors are no longer just focusing on asset-rich organizations like banks and insurance companies. As recent incidents have shown us, they are increasingly targeting enterprises in industries such as healthcare, oil and gas, and manufacturing to leverage the critical nature of these companies, and extort ransoms. This makes it an imperative for these organizations to begin monitoring the dark web, to spot the early warning signs of attack, and improve their security posture based on a better understanding of their adversaries,” Jones concluded.
