2025年威胁情报领域人工智能与自动化状况报告

The State ofAI & Automation inThreat IntelligenceInsights from cybersecurity executives and practitioners on implementation, trust, and impact.2025Research ContentContents03About the report04Executive summary05Survey demographics06Key takeaways07Section 1: AI and automation adoption in threat intelligence15Section 2: Expectations, realities, and business value23Section 3: Implementation barriers and vendor requirements34Section 4: The impact of AI and automation on threat intelligence42Conclusion43About UserEvidence45About Recorded Future2025. All Rights ReservedContents02About the report.Over the last year, we at Recorded Future have seen organizations focus on furthering their usage of AI and automation to respond to cyber threats faster and more efficiently. Given the current pace of adoption and the increasing number of conversations about AI and automation in the threat intelligence community, we wanted to separate the hype from the reality.
To what extent do security teams use AI and automation in daily tasks or strategic initiatives? How does that change based on location and organization size?
To aid in our research we commissioned a study with UserEvidence to survey over 520 cybersecurity leaders across various industries and countries. The goal: to separate fact from fiction, get a pulse check on the current state, and understand the future expectations of AI and automation in threat intelligence.The process of integrating threat intelligence data into security operations in a way that reduces or eliminates manual effort. The goal is to accelerate detection, investigations, and response by programmatically triggering actions based on intelligence.Automation Workflows.The ability to create AI-enabled outputs that enhance analysis, reduce cognitive load, and accelerate decision-making in threat intelligence workflows.Generative AI Capabilities.2025. All Rights ReservedAbout the report03Executive summary.Cybersecurity teams have integrated AI into threat intelligence programs with striking speed. Just two years after generative AI (GenAI) became widely available, it’s now a crucial part of the security playbook.Over 86% of surveyed CISOs, SOC leaders, and analysts now trust AI-generated threat intelligence outputs. And two-thirds believe GenAI can reduce analyst workloads by a quarter or more.Yet a surprising contradiction emerges. While 93% of respondents rate AI and automation as important to their future threat intelligence strategy, many security teams still manage key tasks manually. This gap between recognition and implementation indicates that many teams are in a transitional phase, recognizing the value of AI without systematically deploying it.86%of CISOs, SOC leaders, and analysts trust AI-generated threat intelligence outputs.67%believe GenAI can reduce analyst workloads by a quarter or more93%of respondents rate AI and automation as important to their future threat intelligence strategy. Yet many security teams still manage key