Building and implementing a cyber threat intelligence strategy
How is the cyber threat intelligence strategy of an enterprise built up and what are the people and other resources required . SANS Institute Certified executives Rebekah Brown and Andreas Sfakianakis share their insights in this excerpt from the 2024 Cyber Threat Intelligence Survey .
SANS Institute , a global leader in cybersecurity training , has published the 2024 Cyber Threat Intelligence , CTI Survey , authored by cybersecurity experts , SANS Certified Instructor Rebekah Brown and SANS Instructor Candidate Andreas Sfakianakis . This year , the survey received responses from 811 professionals from 22 industries .
New worldwide regulations impact cyber threat intelligence by imposing stringent compliance requirements across various sectors and regions . In the United States , the Cyber Incident Reporting for Critical Infrastructure Act , CIRCIA and new rules by the Securities and Exchange Commission , SEC introduced increased regulatory requirements , fostering a more collaborative environment between the private sector and government as well as improving the sharing and utilization of threat intelligence .
Meanwhile , the EU has introduced the NIS2 Directive , aiming to strengthen the cybersecurity requirements imposed
78 % of respondents reported that geopolitics plays a very important role in determining their intelligence requirements .
Rebekah Brown , SANS Certified Instructor on critical infrastructure across all member states .
Geopolitics significantly shapes state and non-state actors ’ strategic interests and actions in the cyber domain . Political , military , and economic tensions between nations often lead to increased cyber espionage , sabotage , and misinformation campaigns to influence outcomes or gain strategic advantage .
Nearly 78 % of the respondents reported that geopolitics plays a very important or somewhat important role in determining their intelligence requirements . In 2023 and 2024 , several key geopolitical events have shaped the CTI team ’ s intelligence requirements worldwide , such as the war in Ukraine , the Israel-Hamas war , the Red Sea crisis , and China-Taiwan tensions .
People are at the core of a CTI team ’ s work . The people of CTI are often thought of
Andreas Sfakianakis , SANS Instructor Candidate as the analysts conducting the intelligence analysis ; however , it is important to note that many individuals across an organization contribute to the CTI process .
Whether they are helping create intelligence requirements , supporting CTI functions as a member of a different security team , or consuming reports from the CTI team and making decisions based on their findings , CTI truly does rely on people . This year , we saw a significant increase in organisations that use a combination of in-house capability and a service provider , from 47 % last year to 62 % this year . When combined with organizations with a standalone CTI capability , 31 %, the total percentage with some degree of in-house CTI capability has significantly increased from 83 % last year to 93 %!
42 www . intelligenttechchannels . com