Press Releases

SAN JOSE, Calif.--(BUSINESS WIRE)-- Trellix, the company delivering the future of AI-powered cybersecurity, today announced a new report, Mind of the CISO: Closing the gap between reaction and readiness, which found nearly all CISOs (98%) face barriers when acting on threat intelligence, with the top challenges reported as keeping pace with evolving threats (45%), integration issues (39%), and regulatory constraints (38%). As a result, threat intelligence defaults to a reactive function within a workstream, rather than an embedded, proactive strategy to build resilience, accelerate response, and stay ahead of evolving threats.

Trellix released Mind of the CISO: Closing the gap between reaction and readiness, which found nearly all CISOs (98%) face barriers when acting on threat intelligence, with the top challenges reported as keeping pace with evolving threats (45%), integration issues (39%), and regulatory constraints (38%)

“Global threat detection volume from APT actors rose 45% at the beginning of this year, and CISOs are now tasked with staying ahead of these adversaries who are becoming more organized, well-resourced, and faster, partially due to the growing use of AI,” said John Fokker, Head of Threat Intelligence, Trellix. “Moving beyond a traditional tactical approach to utilizing operational threat intelligence allows CISOs to better understand the behaviors and objectives of threat actors, anticipate potential threats, and proactively prepare defense strategies.”

The research reveals insights from over 500 CISOs worldwide on the evolving threat landscape and perceived risks to their organizations, and how the most forward-thinking leaders are embedding operational threat intelligence into their cybersecurity strategies. Key findings include:

• The impact of nation-state threats: CISOs are increasingly focused on addressing nation-state threats, with a majority (89%) frequently asked about these threats by their CEO and/or the board, further impacting their cybersecurity strategy and budget. The majority report their organization’s cybersecurity budget (85%) and cybersecurity strategy (87%) are influenced by the volume of nation-state threats.
• Moving beyond reactive, tactical threat intelligence to proactive, operational threat intelligence: Nearly all CISOs agree threat intelligence is essential for identifying and mitigating emerging cybersecurity threats (94%). Still, the majority report their organizations’ approaches to collecting (82%), analyzing (78%), incorporating (79%), and monitoring (80%) threat intelligence require significant improvements or a complete overhaul. Organizations with a proactive approach to threat intelligence (44%) are considerably more likely to use advanced threat detection technologies over the next 12 months, highlighting how a forward-leaning approach impacts technology decisions and, in turn, resilience. This further underscores the need to move beyond a reactive approach (56%) with siloed applications of threat intelligence.
• The role of AI and automation in combating threats: One-third of CISOs agree AI-driven analytics (33%) and increased levels of automation (37%) would help them perform their responsibilities more effectively, with 28% reporting limited automation makes it difficult to integrate tools into their threat intelligence programs. This highlights the importance of AI and automation investments in optimizing cyber response strategies.
• The value of peer communities: The majority of CISOs (95%) agree being part of a threat intelligence sharing community or network improves their ability to prepare for threats, and agree a CISO community (89%) would enable security leaders to navigate high-stakes decisions through trusted insights and shared experiences. The complexity of the CISO role and increasing responsibilities make information sharing and collaboration among peers critical for success.

Operational threat intelligence in practice
Organizations leverage operational intelligence to understand the broader context of cyber attacks, like threat actor motivations and methods being used. This enables security teams to anticipate and prepare for specific types of attacks, which is why adopting threat intelligence as a strategic capability is paramount. With over half (60%) of organizations yet to fully integrate threat intelligence into their wider cybersecurity strategy, the time for action is now if organizations are to keep pace with nefarious actors and limit risk.

Commitment is needed across the industry to close the threat intelligence gap. CISOs must move beyond reactive threat intelligence to strategically position it within their cybersecurity playbooks, and to do so, they’ve asked for more integrated systems, innovative tooling, and stronger community collaboration. Organizations must support their CISOs and prioritize these investments to maintain resilience and reduce risk. Policymakers should look to modernize intelligence sharing frameworks, deepen public-private sector collaboration, and accelerate AI adoption in national cyber infrastructures.

Learn more about Mind of the CISO: Closing the gap between reaction and readiness here.

Trellix’s Mind of the CISO initiative brings global attention to the needs of the CISO community, driving cybersecurity and AI best practices. Trellix continuously looks to support the global CISO community by engaging, listening, and advocating.

Additional Resources:

• Comprehensive Guide to Threat Intelligence
• Trellix Advanced Research Center
• Trellix: The Official Sponsor of the CISO
• Mind of the CISO: CISO Crossroads
• Mind of the CISO: Decoding the GenAI Impact
• Mind of the CISO: Behind the Breach
• Mind of the CISO: Understanding the CISO’s Struggle
• Trellix Threat Intelligence

Methodology
Trellix commissioned independent market research agency Vanson Bourne to conduct a research survey of over 500 CISOs across the Americas, Europe, the Middle East, and Asia Pacific regions to understand their views on the evolving threat landscape, including ransomware, nation-state attacks, and the rise of AI-powered attacks, the necessity and challenges of adopting operational threat intelligence, the role of AI and automation in combatting threats, and the value of peer communities in navigating complexities and driving clarity. Respondents work across various industries, including finance, public sector, healthcare (public and private), manufacturing, energy, oil, gas, and utilities.

About Trellix
Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s comprehensive, open and native cybersecurity platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through artificial intelligence, automation, and analytics to empower over 50,000 business and government customers with responsibly architected security. More at https://trellix.com.

Follow Trellix on LinkedIn and X.