Organizational cyber threat intelligence (CTI) activities are maturing: SANS survey

Published: Wednesday, 05 February 2020 09:17

Cyber threat intelligence (CTI) has evolved from small, ad hoc tasks performed disparately across an organization to robust programs with their own staff, tools and processes that support the entire organization, according to the SANS Institute 2020 CTI Survey.

Survey results indicate that just less than 50 percent of respondents’ organizations have a team dedicated to CTI, up from 41 percent in 2019. While the number of organizations with dedicated threat intelligence teams is growing, results also demonstrate a move toward collaboration, with 61 percent reporting that CTI tasks are handled by a combination of in-house and service provider teams.

Another sign of maturity is the definition and documentation of intelligence requirements. The number of organizations reporting a formal process for gathering requirements increased 13 percent from last year, to almost 44 percent in 2020. This makes the intelligence process more efficient, effective and measurable—keys to long-term success.

Full results of this survey will be shared during a February 11th webcast. More details at