The study finds 94 percent of organizations are finding it challenging to recruit, train, and retain malware analysis staff. In addition 93 percent of organizations are challenged by malware analysis tools that lack automation, integration, and accuracy. This leads to over 20 percent of organizations reporting they are unable to investigate and resolve a majority of their malicious files or alerts.
The report also shows that 99 percent of organizations would benefit from additional capabilities for malware analysis. 52 percent of organizations identify accuracy as the key criteria when evaluating a malware analysis tool.
The skills gap is a factor too, with 70 percent reporting that they believe their malware analysis function is understaffed. While 53 percent hire new talent to undertake analysis, 73 percent train in-house. However, half say that it’ difficult to find appropriate learning programs.
“Malware analysis is a critical capability for management teams that want to move beyond check-the-box compliance programs and toward proactive threat management and incident response programs,” says Benny Czarny, founder and CEO of OPSWAT. “To stay ahead of sophisticated adversaries who are targeting critical infrastructure, organizations are undergoing a transformation to stay ahead of these attackers. By adding malware analysis capabilities such as OPSWAT’s MetaDefender Malware Analyzer and OPSWAT Sandbox solutions, critical infrastructure customers can analyze malware that attacks their networks, such as PLC, SCADA and HMI environments, to gain better insights and sophisticated reports on threat intelligence to be better prepared for future incidents.”
OPSWAT is launching its MetaDefender Malware Analyzer and Sandbox, solutions to help organizations navigate these human and technical challenges. You can also get the full State of Malware Analysis Report 2022 from the company’s site.