In the last few years, Cyber Threat Intelligence (CTI) has matured into a standalone program with its own staff, tools and processes. New feeds, internal teams and solutions have rapidly evolved to help compliment this new maturity.
One of the key takeaways from the SANS report that the group discussed is that organizations are defining and documenting intelligence requirements up front to ensure they are focusing on the right intelligence, which now includes not only external threat feeds and vendor-provided threat intelligence but also data from internal tools and teams. In fact, from 2019 to 2020 the percentage of organizations that use documented intelligence requirements to drive threat intelligence programs jumped 13.5% to nearly 44%. ...read more!