According to HP Security Research, threat intelligence best practices can be difficult to implement, and even the most trustworthy sources must be tested for fidelity.
"The adversary is well-resourced and very skilled," said Dan Lamorena, senior director of software enterprise security products at HP. "We may have security budgets, but they are a money-making business."
Worse yet, attackers are often able to exploit enterprises because those organizations don't tend to basic information security hygiene. The most commonly exploited problems, according to HPSR, are poor patching processes (HPSR found that the most compromised vulnerability of 2014 was a flaw in Windows that was patched in 2010), server misconfigurations, the growth of BYOD and the shadow IT, both of which make perimeter security a much more nebulous propsition, and the explosion of new, previously unseen malware.
Full Article