How is the cyber threat intelligence strategy of an enterprise built up and what are the people and other resources required . SANS Institute Certified executives Rebekah Brown and Andreas Sfakianakis share their insights in this excerpt from the 2024 Cyber Threat Intelligence Survey .

New worldwide regulations impact cyber threat intelligence by imposing stringent compliance requirements across various sectors and regions . In the United States , the Cyber Incident Reporting for Critical Infrastructure Act , CIRCIA and new rules by the Securities and Exchange Commission , SEC introduced increased regulatory requirements , fostering a more collaborative environment between the private sector and government as well as improving the sharing and utilization of threat intelligence .

Meanwhile , the EU has introduced the NIS2 Directive , aiming to strengthen the cybersecurity requirements imposed

78 % of respondents reported that geopolitics plays a very important role in determining their intelligence requirements .

Rebekah Brown , SANS Certified Instructor on critical infrastructure across all member states .

Geopolitics significantly shapes state and non-state actors ’ strategic interests and actions in the cyber domain . Political , military , and economic tensions between nations often lead to increased cyber espionage , sabotage , and misinformation campaigns to influence outcomes or gain strategic advantage .

Nearly 78 % of the respondents reported that geopolitics plays a very important or somewhat important role in determining their intelligence requirements . In 2023 and 2024 , several key geopolitical events have shaped the CTI team ’ s intelligence requirements worldwide , such as the war in Ukraine , the Israel-Hamas war , the Red Sea crisis , and China-Taiwan tensions .

People are at the core of a CTI team ’ s work . The people of CTI are often thought of

Andreas Sfakianakis , SANS Instructor Candidate as the analysts conducting the intelligence analysis ; however , it is important to note that many individuals across an organization contribute to the CTI process .

Whether they are helping create intelligence requirements , supporting CTI functions as a member of a different security team , or consuming reports from the CTI team and making decisions based on their findings , CTI truly does rely on people . This year , we saw a significant increase in organisations that use a combination of in-house capability and a service provider , from 47 % last year to 62 % this year . When combined with organizations with a standalone CTI capability , 31 %, the total percentage with some degree of in-house CTI capability has significantly increased from 83 % last year to 93 %!

42 www . intelligenttechchannels . com