The SANS Institute has released the 2024 Cyber Threat Intelligence (CTI) Survey, authored by cybersecurity experts Rebekah Brown and Andreas Sfakianakis. Amid rising covert activities, cloud breaches, and AI-driven attacks, this survey provides crucial insights for CISOs, CIOs, and security professionals. Understanding the latest trends and preparing for emerging threats is essential for organizations to protect their digital assets and maintain trust with customers and stakeholders.
As cyber threats continue to evolve in complexity and sophistication, this year’s survey highlights pivotal insights that are essential for organizations aiming to bolster their defenses with groundbreaking insights into the evolving threat landscape, with a focus on the significant influence of geopolitical events, the burgeoning role of artificial intelligence, and the emerging dominance of threat hunting within CTI teams.
Geopolitical and Regulatory Influences
Geopolitics and new regulations are profoundly shaping CTI team activities. “The increasing frequency and complexity of global conflicts have made it essential for CTI teams to broaden their focus beyond internal issues,” said Brown. “Our survey shows that 77.5% of respondents recognize the significant impact of geopolitics on their intelligence requirements, highlighting the need for adaptive and informed responses to external threats.” Additionally, 74% of respondents emphasize the importance of adapting to new regulations, underscoring the necessity for CTI teams to stay compliant with evolving legal landscapes.
Rise of Threat Hunting
For the first time, threat hunting has emerged as the top use case for CTI. This proactive approach to detecting unidentified threats has seen substantial reliance on the MITRE ATT&CK framework, with over 95% of respondents utilizing it for categorizing and communicating tactics, techniques, and procedures (TTPs). “The prominence of threat hunting reflects a strategic shift in how organizations are leveraging CTI,” Sfakianakis noted. “This approach not only enhances detection capabilities but also strengthens overall security posture.”
Impact of Artificial Intelligence
AI is making significant inroads in CTI, with nearly one-quarter of respondents already leveraging AI in their programs and another 38% planning to adopt it. “Artificial intelligence is becoming a crucial tool for CTI teams, helping analysts prioritize and process vast amounts of information through advanced scoring and summarization techniques,” said Brown. However, she also highlighted the growing concern about the adversarial use of AI, stressing the importance of preparing for AI-driven threats.