News Survey

Unveiling the Key Findings of the SANS Institute 2024 Cyber Threat Intelligence Survey

SANS Instructor

Survey Reveals Critical Trends in Geopolitical Impact, AI Adoption, and Threat Hunting within CTI Teams

SANS Institute 2024 Cyber Threat Intelligence (CTI) Survey highlights pivotal insights that are essential for organizations aiming to bolster their defenses with groundbreaking insights into the evolving threat landscape, with a focus on the significant influence of geopolitical events, the burgeoning role of artificial intelligence, and the emerging dominance of threat hunting within CTI teams.

“The increasing frequency and complexity of global conflicts have made it essential for CTI teams to broaden their focus beyond internal issues.” SANS Certified Instructor Brown

Geopolitical and Regulatory Influences

Geopolitics and new regulations are profoundly shaping CTI team activities. “The increasing frequency and complexity of global conflicts have made it essential for CTI teams to broaden their focus beyond internal issues,” said SANS Certified Instructor Brown. “Our survey shows that 77.5% of respondents recognize the significant impact of geopolitics on their intelligence requirements, highlighting the need for adaptive and informed responses to external threats.” Additionally, 74% of respondents emphasize the importance of adapting to new regulations, underscoring the necessity for CTI teams to stay compliant with evolving legal landscapes.

Rise of Threat Hunting

For the first time, threat hunting has emerged as the top use case for CTI. This proactive approach to detecting unidentified threats has seen substantial reliance on the MITRE ATT&CK framework, with over 95% of respondents utilizing it for categorizing and communicating tactics, techniques, and procedures (TTPs). “The prominence of threat hunting reflects a strategic shift in how organizations are leveraging CTI,” and SANS Instructor Candidate Andreas Sfakianakis noted. “This approach not only enhances detection capabilities but also strengthens overall security posture.”

“The prominence of threat hunting reflects a strategic shift in how organizations are leveraging CTI.”

SANS Instructor Candidate Andreas Sfakianakis

Impact of Artificial Intelligence

AI is making significant inroads in CTI, with nearly one-quarter of respondents already leveraging AI in their programs and another 38% planning to adopt it. “Artificial intelligence is becoming a crucial tool for CTI teams, helping analysts prioritize and process vast amounts of information through advanced scoring and summarization techniques,” said Brown. However, she also highlighted the growing concern about the adversarial use of AI, stressing the importance of preparing for AI-driven threats.

Integration via Threat Intelligence Platforms (TIPs)

The survey highlights the critical role of Threat Intelligence Platforms (TIPs) in integrating CTI into the security stack. A notable 58% of participants reported incorporating CTI into their detection and response controls through TIPs’ built-in integration capabilities. “The mature state of TIPs demonstrates their effectiveness in disseminating threat intelligence across security tools, enhancing the overall efficiency of CTI programs,” Sfakianakis explained.

CTI in Vulnerability Management

The role of CTI in vulnerability management has seen a significant increase, with 66% of respondents now using CTI to pinpoint actively exploited vulnerabilities. This marks a rise from 54% in 2017, demonstrating CTI’s pivotal role in prioritizing patches and supporting vulnerability remediation efforts. “Our findings highlight the growing reliance on CTI for operational purposes in vulnerability management, with 83% of respondents considering it essential for identifying and addressing critical vulnerabilities,” Brown stated.

Related posts

Tenable Security Center Adds Powered Features

Enterprise IT World MEA

What is the Status of Quantum-safe Digital Signatures?

Enterprise IT World MEA

Hackers Stole US$2.2 Billion in Crypto Through 2024, Chainalysis Research

Enterprise IT World MEA

Leave a Comment