Prove Skill Mastery with GIAC Certs - Free Cert Attempt Included with OnDemand Training


To attend this webcast, login to your SANS Account or create your Account.

2020 SANS Cyber Threat Intelligence (CTI) Survey Results

  • Tuesday, February 11, 2020 at 1:00 PM EST (2020-02-11 18:00:00 UTC)
  • Robert M. Lee


  • ThreatQuotient

You can now attend the webcast using your mobile device!



Over the past several years, SANS has seen a gradual maturation of cyber threat intelligence (CTI) and its applications in information security. The 2019 CTI survey saw an increase in usage of and interest in CTI, along with a diversification in how the intelligence is being used by organizations. While the use of CTI continued to grow, it became evident that there is no one-size-fits-all approach. Organizations leverage different types of CTI to meet different needs.

The 2020 Cyber Threat Intelligence (CTI) Survey builds on previous surveys to provide guidance on how organizations of all types can get the most out of CTI. Attendees at this webcast will gain insight into:

  • How consumers and generators of CTI leverage, create and measure intelligence
  • What progress has been made on automation of intelligence collection and processing
  • What improvements organizations have realized as a result of using CTI
  • Which best practices are in use across respondents' organizations

Register today to be among the first to receive the associated whitepaper written by SANS instructor and CTI expert Robert M. Lee.

Click here to register for a panel discussion of the survey results on Thursday, February 13, 2020, at 1PM Eastern. On this webcast, Robert M. Lee and sponsor speakers will explore how these results can improve CTI programs.

Speaker Bio

Robert M. Lee

Robert M. Lee, a SANS certified instructor and author of ICS515 ICS Active Defense and Incident Response and FOR578 Cyber Threat Intelligence courses, is the founder and CEO of Dragos, a critical infrastructure cyber security company, where he focuses on control system traffic analysis, incident response and threat intelligence research. He has performed defense, intelligence and attack missions in various government organizations, including the establishment of a first-of-its-kind ICS/SCADA cyber threat intelligence and intrusion analysis mission. Author of SCADA and Me and a nonresident National Cyber Security Fellow at New America, focusing on critical infrastructure cyber security policy issues, Robert was named EnergySec’s 2015 Energy Sector Security Professional of the Year.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.