2025 Threat Assessment Insights from Security Leaders

Based on feedback from 30 Base Operations customers across industries.

Executive Summary

We recently gathered insights from security professionals across diverse industries to understand how threat assessment workflows are evolving and what capabilities matter most for the future. The results reveal a community that's actively embracing AI-powered solutions while seeking more efficient, intelligent ways to protect their organizations.

Current AI Adoption Status

The security community is advancing rapidly in AI adoption, though implementation approaches vary significantly:

• Leading organizations have begun actively integrating AI into daily threat assessment workflows
• The majority are exploring specific use cases and pilot implementations but have yet to formally operationalize AI capabilities
• Strategic planning for AI adoption is now standard across enterprise security teams

"We haven't really leaned into that AI-driven modeling yet but that's where we see the potential." - Survey Respondent

Where AI Delivers the Most Impact

Based on this adoption landscape, security professionals report AI creates the most value in these priority areas:

Top Use Cases:

1. Reducing manual data gathering time - Eliminating hours of routine research to focus on analysis
2. Automated report generation - Standardized briefings with analytics, summaries, and visualizations
3. Location intelligence requests - Rapid deep-dives into specific geographical areas
4. Stakeholder response - Quick, accurate answers to ad-hoc leadership requests

"Automating local threat briefings and pulling quick incident context would make us more efficient with our limited staff." - Survey Respondent

Custom Risk Scoring: The Highest-Value Opportunity

Organizations rate the value of custom internal risk scoring 8.9/10 on average, indicating strong demand for personalized risk assessment capabilities.

Key Benefits Organizations Seek:

• Internal vs. external risk comparison - Understanding how company-specific incident data compares to regional baseline threats
• Cross-location trend analysis - Identifying patterns across global operations
• Executive reporting - Data-driven insights for leadership decision-making

Implementation Challenges:

• Resource allocation for data integration projects
• Leadership prioritization and budget approval
• Technical complexity of combining internal and external data sources

Platform Usage Patterns

Understanding when and why security teams access threat intelligence platforms reveals consistent triggers across organizations:

Top Reported Triggers For Initiating Threat Assessments

1. Planned events & travel - Executive movements, corporate events, facility operations
2. Stakeholder requests - Leadership queries, business unit risk assessments
3. Incident response - Real-time threat evaluation during active situations
4. Scheduled reviews - Regular monitoring per security SOPs

Key Takeaways for Security Leaders

Four Critical Insights:

• AI adoption is accelerating but trust-and-verify remains - Organizations are exploring use cases and pilots, but still require manual review and analyst oversight
• Data integration drives value - The most impactful applications combine internal organizational data with external threat intelligence for contextualized risk assessment
• Manual data gathering elimination is the top priority - Security teams consistently want tools that reduce routine research time while improving analysis quality and speed
• Global intelligence gaps persist - International threat data quality varies significantly, creating challenges for organizations with overseas operations

Looking Ahead

The feedback from your peer organizations reveals a security community that's ready to embrace intelligent automation while maintaining the human expertise that drives effective threat assessment. As these capabilities evolve, the organizations that successfully integrate AI-powered tools with their existing expertise will be best positioned to protect their people and assets in an increasingly complex threat landscape.

This summary represents aggregated, anonymized feedback from Base Operations customers across consulting, financial services, technology, retail, and other industries. Individual responses have been anonymized to protect customer privacy while sharing valuable community insights.