Skip to Main content Skip to Navigation
New interface
Conference papers

Exploring the Value of a Cyber Threat Intelligence Function in an Organization

Abstract : Organizations can struggle to cope with the rapidly advancing threat landscape. A cyber threat intelligence (CTI) function broadly aims to understand how threats operate to better protect the organization from future attacks. This seems like a natural step to take in hardening security. However, CTI is understood and experienced differently across organizations. To explore the value of this function this study used a qualitative method, guided by the Socio-Technical Framework, to understand how the CTI function is interpreted by organizations in South Africa. Thematic analysis was used to provide an in-depth view of how each organization implemented its CTI function and what benefits and challenges they’ve experienced. Findings show that CTI tasks tend to be more manual and resource-intensive, but these challenges can be resolved through automation. It was noted that only larger organizations seem to have the budget and resources available to implement the CTI function, whereas smaller organizations put more reliance on tools. It was observed that skills for the CTI function can be learned on the job, but that formal education provides a good foundation. The findings illustrate the value the CTI function can provide an organization but also the challenges, thereby enabling other organizations to improve preparation before such a function is adopted.
Document type :
Conference papers
Complete list of metadata
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Friday, October 15, 2021 - 5:05:21 PM
Last modification on : Wednesday, November 3, 2021 - 7:07:00 AM
Long-term archiving on: : Sunday, January 16, 2022 - 9:16:23 PM


 Restricted access
To satisfy the distribution rights of the publisher, the document is embargoed until : 2023-01-01

Please log in to resquest access to the document


Distributed under a Creative Commons Attribution 4.0 International License



Jacques Ophoff, Anzel Berndt. Exploring the Value of a Cyber Threat Intelligence Function in an Organization. 13th IFIP World Conference on Information Security Education (WISE), Sep 2020, Maribor, Slovenia. pp.96-109, ⟨10.1007/978-3-030-59291-2_7⟩. ⟨hal-03380693⟩



Record views