Four Ways to Incorporate AI into Threat Intelligence Programs

SCHAUMBURG, Ill.--( BUSINESS WIRE)--Threat environments have become more complex, especially with the rise of generative AI and the rapid commercialization of the cybercrime ecosystem. Enterprises have also long struggled to realize meaningful value from traditional cyberthreat intelligence programs. However, there are steps that cybersecurity professionals can take to improve the effectiveness of their threat intelligence programs, as outlined in ISACA’s new white paper, Building a Threat-Led Cybersecurity Program with Cyberthreat Intelligence, which provides a practical blueprint for building or strengthening a modern threat intelligence program and moving to a holistic threat-led approach.

ISACA's new resource also provides guidance on selecting a threat intelligence program and developing a holistic, threat-led approach to improve operational impact.

Whether practitioners are looking to craft the foundations of a mature program or refine their existing program, the ISACA white paper shares steps to develop a threat model, establish priority intelligence requirements and create alignment between intelligence outputs and enterprise risk management objectives.

How to Improve Operational Impact

When determining how to operationalize a threat intelligence program, organizations should consider their technology stack, tool selection, and opportunities for automation.

Whether an enterprise plans to purchase multiple platforms to reduce the chances of missing a critical event, or has a lower security budget and plans to purchase a single platform to optimize costs, organizations should do the following when selecting a threat intelligence platform:

Automated approaches can build upon an already successful program to improve maturity and reduce the mean time to detection (MTTD) and mean time to response (MTTR). Integrating AI into a threat intelligence program demands a cross-functional operating model with clear decision rights and controls. The white paper suggests:

"An effective threat intelligence program is the cornerstone of a cybersecurity governance program. To put this in place, companies must implement controls to proactively detect emerging threats, as well as have an incident handling process that prioritizes incidents automatically based on feeds from different sources. This needs to be able to correlate a massive amount of data and provide automatic responses to enhance proactive actions," says Carlos Portuguez, Sr. Director BISO, Concentrix, and member of the ISACA Emerging Trends Working Group. "In order for companies to achieve this, though, they need to overcome challenges like data overload, integration with cybersecurity products, knowledge and experience limitations within their cybersecurity teams, lack of automation initiatives and slow adoption of best practices and security frameworks."

To access the complimentary white paper, visit www.isaca.org/building-a-threat-led-cybersecurity-program. For other cybersecurity resources, including the Advanced in AI Security Management (AAISM) and Certified Cybersecurity Operations Analyst (CCOA) certifications from ISACA, visit www.isaca.org/cybersecurity.

About ISACA

For more than 55 years, ISACA ® ( www.isaca.org) has empowered its community of 185,000+ members with the knowledge, credentials, training and network they need to thrive in fields like information security, governance, assurance, risk management, data privacy and emerging tech. With a presence in more than 190 countries and with more than 230 chapters worldwide, ISACA offers resources tailored to every stage of members’ careers. Through the ISACA Foundation, ISACA also expands IT and education career pathways, fostering opportunities to grow the next generation of technology professionals.