This statistic shows the main ways in which threat intelligence data is reused within information security worldwide, according to a 2015 survey conducted by the SANS Institute. As of 2015, 22.5 percent of respondents said their business did not correlate security event data with either internal intelligence data or external threat intelligence tools.
Use of threat intelligence data in information security worldwide in 2015*
Characteristic
Percentage of respondents
Collect advanced threat information internally, dissect it and include it for future detection
44.3%
Use external third parties to collect advanced threat information for detection and response
43%
†Have a security analytics system that handles the intake of intelligence automatically and correlate this against security information
36.2%
Have a security analytics system that takes in intelligence and indicators of compromise automatically
32.2%
Correlate manually advanced threat information against information collected in their SIEM
30.2%
Don't correlate their event data with internally gathered intelligence data or external threat intelligence tools
22.5%
Have their SIEM vendor work with intelligence agents and update the intelligence data for them
* The source does not provide information on the original wording used during the survey. Thus, the wording chosen for this statistic may differ from the one in the survey.
†The original answer was phrased by the source as follows: "Have a security analytics system that handles the intake of intelligence automatically behind the scenes and correlates this against whitelisting/blacklisting and reputational information".
SIEM stands for Security Information and Event Management.
Profit from the additional features of your individual account
Currently, you are using a shared account. To use individual functions (e.g., mark statistics as favourites, set
statistic alerts) please log in with your personal account.
If you are an admin, please authenticate by logging in again.
Statista Accounts:
Access All Statistics. Starting from $468 / Year
Learn more about how Statista can support your business.
SANS Institute. (November 12, 2015). Use of threat intelligence data in information security worldwide in 2015* [Graph]. In Statista. Retrieved May 22, 2022, from https://www.statista.com/statistics/499727/reuse-threat-intelligence-data/
SANS Institute. "Use of threat intelligence data in information security worldwide in 2015*." Chart. November 12, 2015. Statista. Accessed May 22, 2022. https://www.statista.com/statistics/499727/reuse-threat-intelligence-data/
SANS Institute. (2015). Use of threat intelligence data in information security worldwide in 2015*. Statista. Statista Inc.. Accessed: May 22, 2022. https://www.statista.com/statistics/499727/reuse-threat-intelligence-data/
SANS Institute. "Use of Threat Intelligence Data in Information Security Worldwide in 2015*." Statista, Statista Inc., 12 Nov 2015, https://www.statista.com/statistics/499727/reuse-threat-intelligence-data/
SANS Institute, Use of threat intelligence data in information security worldwide in 2015* Statista, https://www.statista.com/statistics/499727/reuse-threat-intelligence-data/ (last visited May 22, 2022)
