Business Leaders Lack Understanding of Threat Intelligence

Business leaders are unsure what threat intelligence is or how it can help them, potentially putting organizations at increased to cyber threats, a new research paper has warned.

Launched at Infosecurity Europe 2026, the Bridging the Gap Between Threat Intelligence and Business Risk paper by Silobreaker and the SANS Institute examines the gap between threat intelligence teams and other areas of the business differ in their understanding about security risks and how to combat them.

This ‘intelligence-stakeholder gap’ means that even if an organization has a threat intelligence team which produces relevant information for the organization to use, this information might fly under the radar or be misunderstood by business leaders.

Without proper acknowledgement or visibility of this work, many intelligence teams find it difficult to expand their services or get approvals for additional people, processes or technology to further protect the business. This could leave the organization vulnerable to cyber threats.

To close this gap, the Silobreaker paper says, threat intelligence teams must have a clear understanding of their stakeholders in the business, how to communicate with them and be aware of what types of results and outputs they need to hear about to ensure a meaningful and positive response.

“Threat intelligence only delivers value when it changes decisions. Too often, there’s a disconnect between what analysts uncover and what senior leaders need to prioritise risk and act with confidence,” said Geoff Brown, CEO of Silobreaker.

How to Build Threat Intelligence for Business Leaders

Threat intelligence briefings and outputs must be designed to meet what senior leadership and risk management most urgently need to hear about.

According to the report, this includes clarity on enterprise exposure to inform relevant stakeholders on what the main cyber risks to the mission of the organization are.

A forward-looking risk posture should be included in briefings so that leaders can use these insights to report on risks, inform changes to the organization’s risk profile, and adjust business-wide decisions accordingly.

This will provide an early risk warning to the organization, which can be used to respond effectively potential threats or vulnerabilities.

The paper also noted that speed should also be important to threat intelligence teams, not just in terms of reacting to potential threats, but also how they explain them to business leaders, because leadership might not have much time to put aside to take in the information.

One way to ensure that senior leadership understands the importance of threat intelligence and ensure they understand it and find it useful, is for threat intelligence teams to regularly ask for feedback from stakeholders.

“Continuous feedback allows for constant refinement of your threat intelligence program. The more you listen to your stakeholders, the stronger every aspect of your program will be,” said the report.

This feedback also helps assure senior leaders that their investment in the program is based on sound and well-adopted frameworks.

Silobreaker will detail how organizations can take this and other actions to close the Intelligence–Stakeholder Gap at Infosecurity Europe between June 2 and June 4

“At Infosecurity Europe, we’ll be sharing practical ways to align intelligence with business risk, so insights reach the right stakeholders in a form they can use and drives clearer priorities and more effective responses,” said Silobreaker’s Brown.

Silobreaker will at Infosecurity Europe 2026 at booth #F49. SANS Institute can be found at booth #F130. The SANS Institute will also be running on-site workshops for cybersecurity leaders on June 2 and 3. Register for Infosecurity Europe here.

Infosecurity Europe: Business Leaders Lack Understanding of Threat Intelligence, Study Warns

You may also like

#RSAC Interview: SANS Institute’s Rob Lee Discusses the State of Technical Skills in Cybersecurity

#Infosec19: Threat Intel Sharing: The Future of Resilience, but Use with Caution

81% of Cybersecurity Pros See Value in Threat Intelligence

Infosecurity Europe Unveils Keynote Speakers for 2022 Event

SMB Skills Gaps and #COVID19 Imperil Cyber-Resilience

What’s Hot on Infosecurity Magazine?

Critical Flowise Flaw Gives Attackers Full Server Control

Infosecurity Europe: Tabletop Exercise to Test How CISOs Respond to Major Supermarket Cyber-Attack

The Beginning of the End of Human Penetration Testing

Chinese Hackers Exploit Iran War to Target Maritime and Energy Companies

AI-Generated npm Malware Leaks Its Own GitHub Token

Infosecurity Europe: Why Burnout in Cybersecurity Demands Risk-Based Response

Cyber House Party: More Than Just an After Party

Cyber Resilience Under Pressure: Can Your Organisation Prove Control When it Matters Most?

FBI Warns 'Kali365' Phishing Kit Hijacks Microsoft 365 OAuth Tokens

Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning Campaign

Microsoft Condemns "Uncoordinated" Zero Day Disclosures

Chinese Threat Actors Ditch Static Phishing Pages for Live Credential Interception

Cyber Resilience Under Pressure: Can Your Organisation Prove Control When it Matters Most?

Building True Cyber Resilience Across Financial Supply Chains

Behind the Curtain of Microsoft 365 Cybersecurity: Lessons from Overlooked Resilience Gaps

How To Enhance Security Operations with AI-Powered Defenses

Why Resilience‑Focused Cloud Design Is Your Best Defense Against Modern Attacks

How Trusted Time Strengthens Network Security

Anthropic Rolls Out Claude Security for AI Vulnerability Scanning

Inside the Code War: Defending Against Nation-State Cyber Threats

Interview: How YKK Is Securing the World’s Largest Zipper Manufacturing Operation

CISA and Partners Publish Zero Trust Guidance For OT Security

Most Cybersecurity Professionals Feel Undervalued and Underpaid

Cyber Resilience Under Pressure: Can Your Organisation Prove Control When it Matters Most?