The landscape of cybersecurity is shifting dramatically, as revealed by recent research conducted by Filigran during Infosecurity Europe 2026. A survey featuring 168 cybersecurity professionals across diverse industries highlights that organizations are transitioning into a new era of threat-informed defense. This advancement emphasizes the importance of possessing the intelligence and contextual understanding necessary for determining which threats genuinely pose risks to business operations. The core objective is to enable security teams to make informed, swift decisions in the face of an ever-evolving threat landscape.
A predominant theme emerging from the survey is that organizations are inundated with increasing volumes of threat intelligence, vulnerabilities, and security alerts. The dilemma, however, is not primarily about accumulating more data; rather, it centers on simplifying complexities and hastening the decision-making processes within security workflows. Security teams are grappling with operational inefficiencies, particularly when it comes to validating findings and managing a myriad of alerts.
The survey identified that a significant amount of time within security teams is wasted on addressing false positives and low-priority alerts, with 26% of respondents citing this as their primary time drain. An additional 25% noted that they were allocated considerable resources to validate the reality of perceived risks, while 17% found themselves manually aggregating data from a multitude of security tools. Furthermore, 13% experienced delays while awaiting actions from other teams based on findings. This distribution of time allocations indicates that a considerable portion of security professionals’ efforts is spent coordinating remediation and correlating information, highlighting the need for improved systems and processes.
It was also found that the concern over AI-powered attacks looms large in the cybersecurity field. A significant 41% of security professionals identified these AI-driven attacks as their paramount concern, dwarfing other significant risks such as supply chain vulnerabilities and unknown threats, both of which were cited by just 21% of respondents. This alarming trend reflects an urgent need for organizations to bolster their defenses against increasingly sophisticated AI-related threats.
Interestingly, the attention surrounding AI threats has captured the focus of boardrooms as well, with 32% of security practitioners reporting that discussions around AI-driven risk and organizational preparedness are at the forefront of board inquiries. This concern ranks higher than traditional cybersecurity topics, such as regulatory compliance (NIS2 and DORA), which only accounted for 19% of board discussions. The findings suggest that boards are actively seeking assurance regarding their understanding of AI’s implications and the adequacy of their current security measures in navigating the complexities introduced by AI-enhanced threats.
Despite the heightened awareness of threat intelligence, many organizations continue to struggle in translating this information into actionable priorities. Only 19% of survey respondents expressed complete trust in threat intelligence to indicate what needs to be addressed first. An overwhelming 52% acknowledged that while threat intelligence informs their decisions, significant human judgement remains necessary to interpret the data. Additionally, 21% claimed that the sheer volume of information often complicates clarity, resulting in more confusion than guidance.
This critical gap in translating raw intelligence into priorities highlights the need for improved automation practices within organizations. When participants were asked about which aspects they would automate immediately, the majority (27%) emphasized the importance of converting threat intelligence into practical directives. This response underscores the ongoing struggle to prioritize security tasks effectively.
Moreover, respondents exhibited caution when it came to employing AI for autonomous security decision-making. A mere 8% indicated that they would trust AI to execute security decisions without human oversight. In contrast, 44% stated that human involvement should always be a part of the decision-making process, with 38% willing to delegate AI for low-risk, routine decisions only. The sentiment reflects a broader recognition of the necessity for human expertise in the cybersecurity sphere, particularly as organizations navigate emerging threats.
Additionally, the survey touched upon the implementation of Continuous Threat Exposure Management (CTEM), a vital framework for validating and prioritizing cyber risks. Notably, only 28% of respondents reported having a continuous, proactive exposure management program in place. The remaining participants were found either to be operating reactive security initiatives, organizing disconnected programs, or remaining unfamiliar with the concept of CTEM. Neena Sharma, Head of Customer and Product Marketing at Filigran, remarked that the results painted a coherent narrative: while security professionals are aware of the necessity for proactive strategies, existing tools and processes often create barriers.
Ultimately, the findings from this research illuminate a pressing need for organizations to evolve their cybersecurity approaches. As threats continue to grow in sophistication, the transition toward a cohesive threat-informed defense strategy becomes increasingly essential. The ability to streamline processes, embrace threat intelligence actively, and integrate AI judiciously will be paramount for organizations aiming to enhance their cybersecurity resilience in the face of relentless and evolving threats.