The impact of cyber threat intelligence (CTI) on employee behavior and skills and the implications for organizational cyber resilience

The impact of cyber threat intelligence (CTI) on employee behavior and skills and the implications for organizational cyber resilience

연구 분야: Safety

학회: International Journal of Information Security

A cyber resilience strategy is a comprehensive plan designed to help organizations prepare for, respond to, and recover from cyber threats. Cyber threat intelligence (CTI) plays a key role in proactive defense, but its effectiveness depends on both technological capabilities and human factors. This study examines the relationships between CTI, human factors, and cyber resilience, focusing on six key variables: cyber literacy, cybersecurity awareness, cyber risk perception, sensitivity to anomalies, response capability, and recovery ability. Additionally, the study explores whether behavioral adaptation mediates or moderates these relationships. The research follows a quantitative approach, using an online survey completed by 208 cybersecurity-knowledgeable participants, including a subset of 131 professionals with hands-on experience. Data analysis was conducted using linear regression and the PROCESS Macro tool. The findings indicate a significant positive relationship between CTI implementation and both the human factor and organizational cyber resilience, as well as between cyber capabilities and behavioral adaptation. However, behavioral adaptation was not found to significantly mediate or moderate the relationship between human factors and cyber resilience. This study uniquely integrates human and technological dimensions of cybersecurity, emphasizing the need for proactive strategies and adaptive behaviors to address the evolving cyber threat landscape. It also highlights the opportunity to implement new threat intelligence controls within cybersecurity standards, both for certification purposes (e.g., ISO 27001) and as a tool for enhancing human factors and organizational cyber resilience. The combination of CTI with human-centered approaches and adaptive cyber resilience supports early threat detection, long-term cybersecurity, and stakeholder trust.