Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
Cyber threat intelligence in practice: Implications of the blurred lines between public and private intelligence activity
Cyber Security: A Peer-Reviewed Journal,
8
(3),
264-272
(2025)
Abstract
Intelligence is recognised as crucial for strengthening organisational security, particularly in the cyber domain. Companies have developed their own intelligence capabilities to address this requirement. Cyber threat intelligence (CTI) has historically been understood as a primarily technical, politically neutral practice. In contrast, this paper argues that CTI is socio-technical, collaborative and political. Interviews with industry and government practitioners were undertaken to better understand how CTI practitioners viewed their work. The findings underlined the importance of personal trusted relationships and collaboration. Companies were found to be working closely with government, often in ad hoc and informal ways. Moreover, the public and private sector were viewed as having different, complementary forms of visibility into the cyber domain. Together, this has contributed to a blurring of the lines between public and private organisations. These findings suggest that companies should promote trusted personal relationships through a combination of formal and less formal methods. At the same time, companies should be alive to the risks inherent in conducting intelligence activities in ‘operational intimacy’ with state actors, particularly in a period of increasing geopolitical competition and conflict.
Keywords: intelligence; cyber security; cyber threat intelligence; public–private collaboration; geopolitics
The full article is available to subscribers to the journal.
Author's Biography
Neil Ashdown is a researcher and consultant working on cyber, security and intelligence. Neil completed a PhD in cyber security at the EPSRC Centre for Doctoral Training in Cyber Security for the Everyday at Royal Holloway, University of London. His PhD thesis explored public–private collaboration on cyber intelligence in the UK. He is on the steering committee of the UK Offensive Cyber Working Group, an academic initiative to encourage engagement between government, industry and academia. Prior to undertaking his PhD research, Neil worked for over a decade as an analyst and editor at Jane’s, the open-source defence intelligence specialists. He was the deputy editor of Jane’s Intelligence Review from 2014 to 2019.
Keith Martin is a Professor of Information Security at Royal Holloway, University of London and director of the EPSRC Centre for Doctoral Training in Cyber Security for the Everyday. He has broad research interests, with a focus on application of cryptography and geopolitical aspects of cyber security. Keith holds a degree in mathematics from the University of Glasgow and a PhD from Royal Holloway. Following research positions at the University of Adelaide and the Katholieke Universiteit Leuven, Keith returned to Royal Holloway in 2000, where he co-created the successful distance learning MSc in information security and served as Director of the Information Security Group from 2010 to 2015. Keith has over 100 research publications in cyber security, as well as articles in the popular and professional press. He is author of the textbook Everyday Cryptography (OUP, 2017), now in its second edition, and the popular science book Cryptography: The Key to Digital Security, How it Works and Why it Matters (Norton, 2020). He has also presented courses on cyber security to a wide range of audiences, including specialist industrial short courses, the general public and schools.
