The past year has seen cyber criminals attacking a range of targets, from International airports, to brewery chains to childcare institutions. It is increasingly clear that no industry is safe, and any business could be at risk. However, despite the increasing frequency of these attacks, most companies are currently operating with underutilised threat intelligence defences.
A recent infosec survey from cybersecurity specialist, Cyware, has revealed the concerning statistic that only 20% of businesses are fully operationalised in the use of their threat intelligence. Businesses must therefore focus on improving their cyber defences, and AI is key to ensuring they are fully armed. That’s where automated threat intelligence platforms (TIPs) come into play: industrywide networks that provide unified threat intelligence to combat all types of cyber adversity.
The report shows that most organisations lack defined processes for sharing threat intelligence: only 14% have such processes, while three quarters of IT professionals believe improvements are needed. Even among those using TIPs, only 16% share them with peers or partners, missing the opportunity to build strength through numbers and collective intelligence.
At the same time, operational maturity is low: only 20% support fully operationalised TIP systems, and 50% are still in early stages. Key challenges include too many threat feeds with insufficient context, lack of automation, and absence of dedicated analysts. These gaps mean threats may go undetected or unprioritised, leaving businesses exposed to evolving risks. Without effective sharing, automation, and contextual enrichment – areas where AI could play a vital role – businesses will struggle to respond to threats quickly, increasing the likelihood of breaches, operational disruption, financial loss and reputational damage.
When it comes to threat intelligence, AI is increasingly seen as a transformative force. Cyware’s survey reports that over half of IT professionals believe AI can best support automating triage and prioritisation, while nearly half see its value in identifying unknown threats.
AI-driven TIPs can also bolster defences in many ways, from enriching threat indicators with context, to generating autonomous playbooks, to correlating complex threat patterns, thus making defences more adaptive and responsive. Most professionals trust AI agents to take automated actions, provided there is human oversight. At the end of the day, respondents to the survey believe AI improves TIPs by streamlining threat detection, accelerating response, and reducing manual workload, all of which helps organisations stay ahead of evolving cyber risks.
Actively sharing threat intelligence with peers and partners provides significant advantages, according to respondents. By pooling insights, businesses gain broader visibility into emerging threats and attack patterns, enabling faster detection and response. However, the survey highlights that while most IT professionals recognise the need for improved sharing, only a minority have defined processes in place.
Through a collective defence approach, unifying threat intelligence from businesses across the security network, organisations can better overcome the challenge of too many feeds with insufficient context. With this model, organisations can work collectively to identify, validate and share potential threat intelligence. This collaboration reduces blind spots, enhances situational awareness, and allows for coordinated action against sophisticated attacks.
Ultimately, collective defence strengthens resilience, lowers the risk of breaches, and supports a more proactive security posture, especially when combined with automation and AI-driven enrichment. Furthermore, even sharing information internally can be improved: over 70% of respondents thought threat intelligence could be better shared in-house, let alone with peers and partners. Clearly, there is much work to be done when it comes to threat transparency.
TIPs have evolved from simple feed aggregators to sophisticated platforms central to modern cyber defence. Initially, TIPs helped companies simply collect and manage threat data, but today they enable automation, contextual enrichment, and the sharing of intelligence between teams, departments and partners. However, despite their potential, as noted above only a fifth of organisations have fully functional TIPs, and many still face challenges, such as too many feeds with insufficient context and a lack of automation.
Today, TIPs are critical to integrating AI, automating triage, and prioritising threats, while minimising the need for human intervention and boosting reflex time. A unified approach to threat intelligence is vital to businesses looking to protect themselves against increasingly complex cyber threats. Through this approach, once the automated TIP has identified and unified the threat data, it aligns with workflows such as exposure management to ensure action is taken to mitigate the risks. Cyber security professionals must place TIPs at the heart of their security strategies to seal off the gaps in defence intelligence that currently exist.
