SANS 2022 Cyber Threat Intelligence Survey Report:

The SANS 2022 Cyber Threat Intelligence (CTI) Survey was bookended with two major cybersecurity events that showcased the role of CTI in security operations. The SolarWinds software supply chain attack broke as the 2021 survey finished, and the Log4j vulnerability response process was underway as the 2022 survey wrapped up. These events highlighted the need to rapidly gain situational awareness, contextualize vast amounts of information being shared, and prioritize remediation of significant threats.


Key survey takeaways:

  • More organizations are beginning to develop their CTI capabilities.
  • Several promising trends from past years, such as collaboration between CTI teams and business operations groups, have been in decline since the shift to remote work in response to the COVID-19 pandemic.
  • Need for better and easier ways to measure CTI success.
  • Vendors can improve analysts’ experience by continuing to understand use cases and share more of the requirements between practitioners and vendors.




Copyright © 2022, ThreatQuotient, Inc. All Rights Reserved.