International Cyber Expo International Cyber Expo
  • About Us
Wednesday, 8 July, 2026
IT Security Guru
International Cyber Expo
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

81 Percent of Cybersecurity Pros Agree: Cyber Threat Intelligence Improves Prevention, Detection, and Response Capabilities

by The Gurus
December 7, 2018
in Threat Detection
Share on FacebookShare on Twitter

SANS Report Sponsored by DomainTools Reveals Cyber Threat Intelligence (CTI) Gaining Momentum as Organizations Battle to Keep Up with Hackers]

As cyberattacks and attackers become more blatant and pervasive each year, a new SANS Institute report, in conjunction with DomainTools, shows organizations around the globe are turning towards Cyber Threat Intelligence (CTI) to detect, respond, and ultimately prevent attacks.

DomainTools, the leader in domain name and DNS-based cyber threat intelligence, co-sponsored the SANS survey and resulting report, SANS 2018 Cyber Threat Intelligence Survey. Results show adoption of CTI programs has steadily grown, with 68 percent of organizations currently creating or consuming CTI data and 22 percent having plans to do so in the future. Additionally, more respondents than ever before are finding CTI programs are helping improve overall cybersecurity posture, with the rate climbing to 81 percent this year, compared to 78 percent in 2017 and 64 percent in 2016.

According to the report, some of the most popular security operations tasks that CTI programs support include detecting threats (79%), incident response (71%), blocking threats (70%) and threat hunting (62%). Many of the survey responses indicate that the increased emphasis on CTI and threat intelligence sharing was key in allowing operations teams to quickly search for existing compromises and proactively block access from external clients.

“Despite the onslaught of new threats that have been waged this past year, the SANS survey findings reflect threat intelligence platforms and programs are improving overall prevention, detection, and response efforts,” said Tim Helming, Director of Product Management of DomainTools. “Cyber threat intelligence is such an effective and important part of security operations because it converts an organization’s general posture from a reactive to proactive mindset, which gets teams beyond the ‘if’ something will happen to ‘when something happens, we are ready for it.’”

Additional key findings from the SANS and DomainTools report include:

  • Some threat intelligence is more useful than others, with detailed malware indicators (81%) and information on the vulnerabilities that are targeted by attackers (79%) seen as the top two.
  • The largest improvements in the CTI ecosystem from last year were in improving security operations (increased from 63% to 70%), preventing damage to business systems or data (increased from 36% to 45%), reducing time to identify and respond to incidents (increased from 50% to 59%), and revealing vulnerabilities to implement new controls (increased from 48% to 59%).
  • The prevalence of dedicated threat intelligence platforms is also on the rise, up from 41 percent in 2017 to 57 percent in 2018; This year, 48 percent connected to CTI programs via API.

To make cyber threat investigations by security and IT professionals faster, more insightful, and easier to administer, in 2015 DomainTools launched the Iris Investigation Platform. By combining the broadest TLD database with industry-leading passive DNS data from top-tier providers, Iris delivers reliable information quickly, creating forensic maps of criminal activity for security pros to triage threat indicators, assess risk, and ultimately prevent future attacks.

For the full SANS survey results, read the report. This year, over 300 top security and business executives from industries including technology and IT, financial services, government, and education contributed to the survey.

About DomainTools

DomainTools helps security analysts turn threat data into threat intelligence. We take indicators from your network, including domains and IPs, and connect them with nearly every active domain on the Internet. Those connections inform risk assessments, help profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure. Fortune 1000 companies, global government agencies, and leading security solution vendors use the DomainTools platform as a critical ingredient in their threat investigation and mitigation work. Learn more about how to connect the dots on malicious activity at http://www.domaintools.com or follow us on Twitter: @domaintools.

About SANS Institute

As the global leader in information security training, the SANS Institute provides up-to-date intelligence and informative classes to help protect organizations against cyber threats. Over 165,000 security professionals rely on SANS training to sharpen their skills. Learn more about SANS at sans.org.

Tags: CybersecurityTechnology
ShareTweet
Previous Post

Breaches to financial services tripled over last five years

Next Post

GDPR – Burden or Benefit?

Recent News

malware

Huntress Uncovers ‘Vibe-Coded’ Malware Used to Map Active Directory Environments

July 8, 2026
Check Point’s ThreatCloud AI Blocked 4.6 Billion Attacks in 2025, Latest ESG Report Reveals

Check Point’s ThreatCloud AI Blocked 4.6 Billion Attacks in 2025, Latest ESG Report Reveals

July 8, 2026
Kirsty Fowler, WorkNest Secure

Next Gen Spotlights: Building a More Resilient Future – Q&A with WorkNest Secure

July 8, 2026
Mike Winston on Why Jet.AI Shifted From Aviation to AI Infrastructure

Mike Winston on Why Jet.AI Shifted From Aviation to AI Infrastructure

July 7, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol