The past year has seen cyber criminals attacking a range of targets, from International airports, to brewery chains to childcare institutions. It is increasingly clear that no industry is safe, and any business could be at risk. However, despite the increasing frequency of these attacks, most companies are currently operating with underutilised threat intelligence defences.
A recent infosec survey from cybersecurity specialist, Cyware, has revealed the concerning statistic that only 20% of businesses are fully operationalised in the use of their threat intelligence. Businesses must therefore focus on improving their cyber defences, and AI is key to ensuring they are fully armed. That’s where automated threat intelligence platforms (TIPs) come into play: industrywide networks that provide unified threat intelligence to combat all types of cyber adversity.
Where the gaps in threat intelligence lie
The report shows that most organisations lack defined processes for sharing threat intelligence: only 14% have such processes, while three quarters of IT professionals believe improvements are needed. Even among those using TIPs, only 16% share them with peers or partners, missing the opportunity to build strength through numbers and collective intelligence.
At the same time, operational maturity is low: only 20% support fully operationalised TIP systems, and 50% are still in early stages. Key challenges include too many threat feeds with insufficient context, lack of automation, and absence of dedicated analysts. These gaps mean threats may go undetected or unprioritised, leaving businesses exposed to evolving risks. Without effective sharing, automation, and contextual enrichment – areas where AI could play a vital role – businesses will struggle to respond to threats quickly, increasing the likelihood of breaches, operational disruption, financial loss and reputational damage.
The role of AI in TIP
When it comes to threat intelligence, AI is increasingly seen as a transformative force. Cyware’s survey reports that over half of IT professionals believe AI can best support automating triage and prioritisation, while nearly half see its value in identifying unknown threats.
AI-driven TIPs can also bolster defences in many ways, from enriching threat indicators with context, to generating autonomous playbooks, to correlating complex threat patterns, thus making defences more adaptive and responsive. Most professionals trust AI agents to take automated actions, provided there is human oversight. At the end of the day, respondents to the survey believe AI improves TIPs by streamlining threat detection, accelerating response, and reducing manual workload, all of which helps organisations stay ahead of evolving cyber risks.
Encouraging collective defence
Actively sharing threat intelligence with peers and partners provides significant advantages, according to respondents. By pooling insights, businesses gain broader visibility into emerging threats and attack patterns, enabling faster detection and response. However, the survey highlights that while most IT professionals recognise the need for improved sharing, only a minority have defined processes in place.
Through a collective defence approach, unifying threat intelligence from businesses across the security network, organisations can better overcome the challenge of too many feeds with insufficient context. With this model, organisations can work collectively to identify, validate and share potential threat intelligence. This collaboration reduces blind spots, enhances situational awareness, and allows for coordinated action against sophisticated attacks.
Ultimately, collective defence strengthens resilience, lowers the risk of breaches, and supports a more proactive security posture, especially when combined with automation and AI-driven enrichment. Furthermore, even sharing information internally can be improved: over 70% of respondents thought threat intelligence could be better shared in-house, let alone with peers and partners. Clearly, there is much work to be done when it comes to threat transparency.
The evolving role of TIP
TIPs have evolved from simple feed aggregators to sophisticated platforms central to modern cyber defence. Initially, TIPs helped companies simply collect and manage threat data, but today they enable automation, contextual enrichment, and the sharing of intelligence between teams, departments and partners. However, despite their potential, as noted above only a fifth of organisations have fully functional TIPs, and many still face challenges, such as too many feeds with insufficient context and a lack of automation.
Today, TIPs are critical to integrating AI, automating triage, and prioritising threats, while minimising the need for human intervention and boosting reflex time. A unified approach to threat intelligence is vital to businesses looking to protect themselves against increasingly complex cyber threats. Through this approach, once the automated TIP has identified and unified the threat data, it aligns with workflows such as exposure management to ensure action is taken to mitigate the risks. Cyber security professionals must place TIPs at the heart of their security strategies to seal off the gaps in defence intelligence that currently exist.
Jawahar Sivasankaran
Jawahar brings 27+ years of progressive leadership experience in Corporate, Go-to-Market and Product leadership roles. He has experience leading large tech businesses at scale, with a platform approach and has also been a leader at PE and VC backed mid-late stage startups. Jawahar currently serves as the President of Cyware, leader in Cyber Threat Intelligence space. He has served an Operating Advisor with leading Private Equity and Consulting firms, focused on due diligence and portfolio operations and is active in the early stage startup community as investor and advisor. His previous operating leadership role was with Appgate, where he served as the President and COO, leading all Go to Market functions including Sales, Marketing and Customer Success. Jawahar previously led Global Security Specialization Sales for Splunk. He was responsible for driving growth for Splunk’s global security business in partnership with executive leadership, cross functional and theater teams. Before Splunk, Jawahar spent 15+ years at Cisco in various leadership roles. Most recently, he was responsible for leading global Sales & Business Development through Managed Security Providers, Strategic Partners, and Global Alliances. As a Senior Director, he previously led Sales GTM strategy & BD and before that he served as the Global Field CTO for the $2B+ security business. He played a key leadership role in transforming the global security business from the core focus of Network Security to subscription and SAAS, increasing focus on Cloud Security. Jawahar was part of the senior leadership team that formed Global Security Sales Organization at Cisco, a dedicated and accountable Cybersecurity specialists sales team. He was a founding member of the Cisco on Cisco practice, focused on customer success and advising customers on Technology and Business Transformation. He is a featured speaker in industry events. Jawahar started his career and grew in the technical ranks, eventually growing to a Cisco Distinguished Engineer and was part of the most senior technology leaders within the company. He leverages this strong technical, products and industry background and continual learning to effectively drive go-to-market success. Before Cisco, Jawahar worked at a satellite gateway startup building products. He started his career in the service provider business. Jawahar holds an MBA from Wharton Business School, University of Pennsylvania. He also holds a Masters degree in IS Management and a Bachelors in Electrical Engineering.
Leave a Reply