We’ve spoken extensively about the importance of taking a data-driven approach to Vulnerability Management. In short the efficiency and effectiveness of vulnerability management processes depend heavily on inclusion of threat intelligence for both prioritization and response activities. At any given time, only a small fraction of existing vulnerabilities are actively exploited or exploitable.

According to Proofpoint’s 2021 State of the Phish Report, more than 80% of organizations fell victim to a phishing attack last year. Another report from PhishMe found that 91% of cyberattacks start with a phish, and the top reasons people are duped by phishing emails are curiosity (13.7%), fear (13.4%), and urgency (13.2%), followed by reward/recognition, social, entertainment, and opportunity.

Our latest industry research – ‘The 2022 State of IT Security Automation Adoption’ – which we have undertaken for the second year running and expanded into other regions including the UK, USA and Australia, shows strong signs that cybersecurity automation adoption is advancing, but 97% of respondents say they have experienced problems during implementation.

Threat intelligence has become a significant input to the overall ecosystem that organizations leverage in their security footprint. Managing that data and the contextualization required to develop useful information can be daunting for fledgling and established organizations. I will discuss ways to automate some of the repetitive tasks and fuel other areas of the security organization to help them better achieve their mission sets.