* [Blog](https://www.paloaltonetworks.com.au/blog)
* [Palo Alto Networks](https://www.paloaltonetworks.com.au/blog/corporate/)
* [CIO/CISO](https://www.paloaltonetworks.com.au/blog/category/ciociso/)
* 2016 Prediction #10: Cybe...

# 2016 Prediction \#10: Cyberthreat Intelligence Sharing Goes Mainstream

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2015%2F12%2F2016-prediction-10-cyberthreat-intelligence-sharing-goes-mainstream%2F)  
[](https://twitter.com/share?text=2016+Prediction+%2310%3A+Cyberthreat+Intelligence+Sharing+Goes+Mainstream&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2015%2F12%2F2016-prediction-10-cyberthreat-intelligence-sharing-goes-mainstream%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2F2015%2F12%2F2016-prediction-10-cyberthreat-intelligence-sharing-goes-mainstream%2F&title=2016+Prediction+%2310%3A+Cyberthreat+Intelligence+Sharing+Goes+Mainstream&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com.au/blog/2015/12/2016-prediction-10-cyberthreat-intelligence-sharing-goes-mainstream/&ts=markdown)  
\[\](mailto:?subject=2016 Prediction #10: Cyberthreat Intelligence Sharing Goes Mainstream)  
Link copied  
By [Scott Simkin](https://www.paloaltonetworks.com/blog/author/scott-simkin/?ts=markdown "Posts by Scott Simkin")  
Dec 16, 2015  
4 minutes  
[CIO/CISO](https://www.paloaltonetworks.com/blog/category/ciociso/?ts=markdown)  
[Predictions](https://www.paloaltonetworks.com/blog/category/predictions/?ts=markdown)  
[Cyberthreat Intelligence Sharing](https://www.paloaltonetworks.com/blog/tag/cyberthreat-intelligence-sharing/?ts=markdown)  
[threat intelligence](https://www.paloaltonetworks.com/blog/tag/threat-intelligence/?ts=markdown)

*This is the tenth in our* [*series of cybersecurity predictions*](https://www.paloaltonetworks.com/blog/predictions/)*for 2016. Stay tuned for more through the end of the year.*

[](https://www.paloaltonetworks.com/blog/wp-content/uploads/2015/11/Top-10-Predictions-Banner.png)  
[![Top-10-Predictions-Banner](https://www.paloaltonetworks.com/blog/wp-content/uploads/2015/11/Top-10-Predictions-Banner-500x175.png)](https://www.paloaltonetworks.com/blog/wp-content/uploads/2015/11/Top-10-Predictions-Banner.png)

There are few areas of cybersecurity that present more promise than the concept of sharing threat intelligence to make online communities, and the Internet as a whole, a safer place.

No single organization is capable of achieving complete visibility into the threat landscape. But by joining together and sharing threat intelligence across the industry, we can enhance our collective immune system. The challenge, as is often the case, has been around putting that into practice.

There have been pockets of innovation, such as the Information Sharing and Analysis Centers (ISACs) or security vendors sharing intelligence between their customers. But as attackers continue to conduct successful cyberattacks around the world, this is clearly not enough. Current efforts provide value, but they are often cumbersome and only accessible to larger and more sophisticated security operations teams. There is essentially a high "barrier to entry," with manual analysis required to consume, verify, analyze and implement any changes to an organization's policy, even with adequately shared intelligence.

This requirement has limited the number of organizations who share intelligence, meaning we have less of it available than we should. Now, imagine a world where every security team can turn their network into a sensor and automatically implement protections for new attacks as they happen. This puts malicious actors at a disadvantage, requiring them to spend immense resources to discover new exploits, construct new malware, and employ new techniques.

The past year has shown us early indicators that 2016 will be the year organizations truly embrace -- and reap the benefits of -- shared threat intelligence. We will see this change the way both security vendors and the security community at large operate. I anticipate three specific changes:

### 1. Threat intelligence is not intellectual property

Organizations have historically been hesitant to share data on threats. From a security vendor side, this stems from a common belief that their product differentiation is dependent on keeping this intelligence a closely guarded secret.

From a user perspective, many organizations have also operated under the assumption that sharing intelligence with their competitors could expose sensitive information or put them at a competitive disadvantage. But, in 2016, we will see more vendors come to the realization that their users, and the community, have come to expect more from them. In order to offer the best protections possible, vendors will begin to share intelligence with each other on a wider scale.

### 2. Public and private data sharing

There has never been more focus from the United States government on the sharing of threat intelligence, with President Obama directing the Department of Homeland Security (DHS) to lead the charge to enable public and private entities to share intelligence with each other in [Executive Order 13691](https://www.whitehouse.gov/the-press-office/2015/02/13/executive-order-promoting-private-sector-cybersecurity-information-shari).

This coming year will see the result of these efforts formalized and put into practice, with [Information Sharing and Analysis Organizations](http://www.dhs.gov/isao) (ISAOs) being established and intelligence shared across private, non-profit and government agencies. Spurred by this innovation, we will see governments beyond the U.S. adopt similar policies.

### 3. Campaigns, not samples

We will see an evolution in what is being shared, with a move toward more adversary- and campaign-oriented intelligence. Traditional efforts have been focused on indicators such as hash values, which provide minimal actionable value to the organizations receiving them. Instead, we will see more effort around malware family and adversary attribution, which provide the context needed to understand the threat and develop relevant protections against them. Simply sharing data will no longer be good enough; we have to share the right intelligence, with actionable recommendations.

The coming year represents the fruition of the great promise in threat intelligence sharing. The world is changing, and both vendors and users must adopt a more proactive stance to sharing, lest they risk being left in the dust by those who do.

We have a responsibility as a security community to do everything in our power to prevent cyberattacks, which includes sharing as much intelligence as possible. While there is a great deal of momentum in 2016, we can do more to reap the benefits of this trend. Ask yourself how your organization can integrate and contribute to keeping our community safe online.

*Want to explore more of our top 2016 cybersecurity predictions? [Register now](https://boom.weboom.com/sites/paloaltonetworks/ignite2016/forms/regform.html) for Ignite 2016.*

[](https://www.paloaltonetworks.com/blog/wp-content/uploads/2015/11/Ignite-2016.png)  
[![Ignite 2016](https://www.paloaltonetworks.com/blog/wp-content/uploads/2015/11/Ignite-2016-500x124.png)](https://www.paloaltonetworks.com/blog/wp-content/uploads/2015/11/Ignite-2016.png)

*** ** * ** ***

## Related Blogs

### [CSO Perspective](https://www.paloaltonetworks.com/blog/category/cso-perspective/?ts=markdown), [Predictions](https://www.paloaltonetworks.com/blog/category/predictions/?ts=markdown)

[#### 2017 Cybersecurity Predictions: Automation and Playbook Models Take On Key Roles in Threat Intelligence Sharing](https://www.paloaltonetworks.com.au/blog/2016/12/2017-cybersecurity-predictions-automation-playbook-models-take-key-roles-threat-intelligence-sharing/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Predictions](https://www.paloaltonetworks.com/blog/category/predictions/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)

[#### 2026 Public Sector Cyber Outlook: Identity, AI and the Fight for Trust](https://www.paloaltonetworks.com.au/blog/2026/01/public-sector-cyber-outlook/)

### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Predictions](https://www.paloaltonetworks.com/blog/category/predictions/?ts=markdown)

[#### 2026 Predictions for Autonomous AI](https://www.paloaltonetworks.com.au/blog/2025/11/2026-predictions-for-autonomous-ai/)

### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [CIO/CISO](https://www.paloaltonetworks.com/blog/category/ciociso/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### A CIO's First Principles Reference Guide for Securing AI by Design](https://www.paloaltonetworks.com.au/blog/2025/11/cios-first-principles-reference-guide-securing-ai-design/)

### [AI and Cybersecurity](https://www.paloaltonetworks.com/blog/security-operations/category/ai-and-cybersecurity/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown)

[#### The Data Digestion Revolution: Why Cortex XDL is the Foundation of Modern Security](https://www.paloaltonetworks.com.au/blog/security-operations/the-data-digestion-revolution-why-cortex-xdl-is-the-foundation-of-modern-security/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown)

[#### Stopping Cross-Domain Attacks with Cortex XDL + Cortex XSIAM](https://www.paloaltonetworks.com.au/blog/security-operations/stopping-cross-domain-attacks-with-cortex-xdl-cortex-xsiam/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com.au/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language