Promoting Research on Cyber Threat Intelligence Sharing in Ecosystems

Introduction
The article by Abraham, Bélanger, and Daultrey, (2025) focuses at the technological, social,
and psychological aspects that influence what companies interact with Cyber Threat
Intelligence (CTI). Based on interviews with forty cybersecurity experts, the report
pinpoints eleven key elements that influence the results of CTI sharing. A conceptual
framework that broadens the study of trust, reciprocity, and governance in cybersecurity
ecosystems is put forth by the authors.
Relation to Social Science Principles
Social sciences’ behavioral, ethical, and social interaction concepts are closely related to this
subject. It investigates how digital security choices are influenced by human trust, risk
perception, and teamwork. The essay also incorporates ideas from sociological (inter-
organizational networks), ethics (balancing openness and privacy), and behavior in
organizations (group collaboration and information exchange). It illustrates how social
dynamics—like reciprocity, trust, and fear of retaliation—have a direct impact on
interactions that take place on technology.

Research Question / Hypothesis / Independent & Dependent Variables
Research Questions: What factors influence an organization’s decision to disclose or keep
cyber threat intelligence private? What technological and psychological variables influence
the sharing of CTIs?
Theorem: Social and behavioral elements like reciprocity, trust, and governance maturity,
in addition to technology, restrict CTI sharing.
The independent variables: It includes trust (in people and technology), reciprocity, and
organizational maturity.
The dependent variables: It includes effectiveness and frequency of CTI sharing among
organizations.
Methods Used
Based mostly on structured and semi-structured interviews with cybersecurity specialists
from national authorities, Fortune 500 firms, academia, and law enforcement, the study
employed a mixed-methods qualitative design. Additionally, the writers thematically
analyzed the interview data and incorporated the results with previously published works.
Data and Analysis
Expert interviews, secondary reports, and pre-existing CTI frameworks were among the
data sources. To find key themes including actionability, reciprocity, and fear of retaliation,
the authors used qualitative coding. They then combined the data into a conceptual study
framework that linked organizational behavior to CTI efficacy.
Connection to Class Concepts
Cyber ethics, human-centered cybersecurity, digital trust, and risk management are among
the themes covered in class that have connections to the study. It supports the notion that

cybersecurity has psychological and social components in addition to technical ones.
The emphasis on Zero Trust (ZT) and collaborative ecosystems is consistent with lessons on
how human behavior and technology interact to produce safe systems.
Marginalized Groups
While the essay does not specifically address underrepresented populations, its
implications extend to global participation in cybersecurity ecosystems. Fair access to
information across countries and businesses is necessary for effective CTI sharing.
Participation restrictions are frequently encountered by smaller or less-resourced
organizations, underscoring the necessity of regulations that support equity, accessibility,
and diversity in cybersecurity cooperation.
Societal Contributions / Conclusion
By encouraging group cybersecurity protection via trust-based intelligence sharing, this
study benefits society. It pushes organizations and legislators to improve cooperation,
openness, and inclusivity in cyber ecosystems. By defining CTI as both a human and
technological issue, it promotes social science-informed cybersecurity strategies that
safeguard not only systems but also the people who use them.
Citation
Abraham, C., Bélanger, F., & Daultrey, S. (2025). Promoting research on cyber threat
intelligence sharing in ecosystems. Journal of Cybersecurity, 11(1), tyaf016.

https://doi.org/10.1093/cybsec/tyaf016
Article Link: https://academic.oup.com/cybersecurity/article/11/1/tyaf016/8244123