Only 22% of organizations run matured threat intelligence, malware detection leader reveals

By Dain Oh, The Readable
Aug. 9, 2023 9:00AM GMT-7 Updated Aug. 10, 2023 1:45PM GMT-7

Las Vegas, NV ― Black Hat ― A prominent malware detection company revealed on Wednesday that the threat intelligence industry is still in its initial phase, underscoring the need for at least 62% of global organizations to channel investments into essential tools and processes.

As outlined in OPSWAT’s report titled “2023 Threat Intelligence Trends,” a mere 22% of organizations have managed to establish fully developed threat intelligence programs. This glaring statistic underscores the discrepancy between implementation and the pressing demands of the landscape. The survey outcomes reveal a striking 68% of entities grappling with the challenges of identifying both familiar and unfamiliar malware strains.

Threat actors strategically employ malware to gain a foothold in targeted networks. Once inside, these actors navigate laterally to secure long-term access, cause damage, or steal valuable data and trade secrets. In the ceaseless battle against these perils, organizations adopt a potent strategy—harnessing actionable threat intelligence that is meticulously acquired through tools such as sandboxes and sophisticated malware analysis technologies.

“Threat intelligence plays a crucial role in safeguarding critical assets,” said Jan Miller, CTO of Threat Analysis at OPSWAT. “Understanding the evolving threat landscape empowers organizations to stay one step ahead of malicious actors, and in this rapidly changing cybersecurity landscape, it becomes the critical strategic advantage.”

Miller, an expert in file scanning with a focus on targeted environments, has recently become a vital member of the OPSWAT team. His main goal is to create a user-friendly platform that covers all the bases, including multi-scanning, sandboxing, and understanding the connections between files using machine learning techniques. With the help of artificial intelligence, this platform is set to speed up the process of identifying related samples, a key factor in quickly classifying threats and tracing their origins. Speaking to The Readable, Miller likened this innovation to a versatile “Swiss Army Knife” for the world of threat intelligence.

This explains why OPSWAT’s latest report, as Miller pointed out, includes a noteworthy survey segment on AI. The findings of the report highlight a prevailing trend of optimism towards AI, surpassing any skepticism and actual usage rates. Impressively, 56% of the surveyed organizations expressed a positive outlook on AI’s future role, while 27% maintained a more cautious stance. In terms of practical implementation, a mere 11% of organizations reported currently harnessing AI for threat detection.

Furthermore, around half of all participants in the survey highlighted that they consider phishing URLs and emails to be among their foremost worries in terms of both file types and delivery methods.

OPSWAT is developing a groundbreaking sandboxing technology, presently in the patent application stage. This novel approach employs emulation in place of the more conventional virtual machines (VMs). “This emulation-based sandbox eliminates thousands of VMs, enhancing both flexibility and visibility,” explained Miller in conversation with The Readable. This innovation is poised to deliver tangible benefits. For instance, it will provide users with valuable insights into the specific reasons why a particular file triggers a security concern, while other files remain under the radar.

“OPSWAT is committed to empowering organizations with cutting-edge cybersecurity solutions to protect critical infrastructures from emerging threats,” wrote the company in a statement to the press. “As the threat landscape evolves, OPSWAT remains at the forefront of innovation by providing the tools and knowledge to defend against increasingly sophisticated cyberattacks and stay ahead of the game.”

ohdain@thereadable.co

The cover image of this article was designed by Areum Hwang. This article was copyedited by Nate Galletta.

Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expertise in leading media outlets to success. Prior to establishing The Readable, Dain was a journalist for The Electronic Times, a prestigious IT newspaper in Korea. During her tenure, she extensively covered the cybersecurity industry, delivering groundbreaking reports. Her work included exclusive stories, such as the revelation of incident response information sharing by the National Intelligence Service. These accomplishments led to her receiving the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology, a well-deserved accolade bestowed upon her through a unanimous decision. Dain has been invited to speak at several global conferences, including the APEC Women in STEM Principles and Actions, which was funded by the U.S. State Department. Additionally, she is an active member of the Asian American Journalists Association, further exhibiting her commitment to journalism.