Last year ’ s trend of steady growth of organisations with dedicated CTI teams is consistent with this year ’ s findings : 52 % of organisations have a dedicated CTI team – the highest percentage we have ever seen in SANS CTI surveys . That is not the only model for CTI teams , however .
This year , one in four organisations reported that CTI is a shared responsibility with staff pulled from other security groups , indicating a horizontal structure of responsibilities . This percentage has been mostly stable throughout the last few years , suggesting that organisations following this approach have diverse perspectives , tooling , and increased collaboration resulting in a continuation of this model rather than an eventual move to a stand-alone team . Horizontal teams do come with challenges , and these teams may experience obstacles in coordination , have varied expertise levels , and struggle with issues related to resource allocation . Organisations struggling in these areas can assess the ideal structure of their CTI function , either as a shared responsibility or as a dedicated team .
When it comes to the skill sets that make up the members of a CTI team , this
The people of CTI are often thought of as the analysts conducting the intelligence analysis . year we saw a decrease in the respondents who identify as purely CTI analysts and an increase in security analysts , incident responders , and security managers or directors . This indicates that even though we saw a record number of dedicated CTI teams this year , the individuals that make up those teams often have other skill sets that are combined with threat intelligence capabilities or have other roles , such as a SOC analyst , that directly contribute to CTI .
This could also indicate a preference for the larger scope of the security analyst title rather than the narrower focus of the cyber threat intelligence analyst , especially for individuals on horizontal teams who end up contributing in several places across their organisation ’ s security programme .
Another interesting trend in this year ’ s survey data is a spike in auditor roles
INTELLIGENT TECH CHANNELS 43