CTI Requires Both Collaboration And Communication
This year’s SANS Cyber Threat Intelligence (CTI) Survey shows that while many CTI programs can meet the growing cybersecurity challenges, some are just getting started due to complex threat environments and increased cybersecurity needs. It seems that the shift to remote work, increased threats, and high workloads impacted some critical components of collaboration over the past two years.
Organizations need to assess whether they have lost communication channels with key stakeholders and must identify ways to build up those channels again. CTI providers and information sharing groups can help fill in the gaps as organizations’ programs mature.
Key topics covered include:
- Building a solid relationship between CTI people and processes to integrate findings and insights into cybersecurity programs
- Defining CTI requirements is essential, but organizations should also schedule regular requirements reviews
- How organizations are consuming and producing intelligence
- Integration of tools used by CTI, SOC, IR, and vulnerability teams is vital for a robust cybersecurity program
Read this year’s report to keep your CTI program moving forward.