A Business Analyst Centric Framework for Consuming and Applying Cyber Threat Intelligence

The proliferation of Cyber Threat Intelligence (CTI) has created a critical bottleneck: its consumption by non-technical stakeholders who are essential for translating threat data into business action. Business Analysts (BAs), who operate at the nexus of business needs, processes, and technology, are uniquely positioned to bridge this gap, yet lack a standardized framework to do so. This research addresses the under-explored role of the Business Analyst as a cyber threat intelligence translator and integrator . We propose the Business Analyst Threat Integration (BATI) Framework , a role-specific methodology enabling BAs to systematically consume raw CTI, contextualize it within business processes and objectives, and generate actionable requirements for risk mitigation, process redesign, and control enhancement. Through a design science approach involving 50 Business Analysts across finance, healthcare, and retail sectors, we co-designed and validated the BATI Framework. The framework consists of a Five-Stage Consumption Cycle (Receive, Contextualize, Map, Assess, Specify) and a suite of tailored artifacts, including the Threat-to-Process Impact Matrix (TPIM) and Intelligence-Driven User Stories (IDUS) . A 12-week field trial demonstrated that BAs using the BATI Framework produced security requirements with a 65% higher alignment to verified business risks and accelerated the integration of security controls into project lifecycles by 50%. This study establishes the Business Analyst as a pivotal force multiplier for organizational cybersecurity, providing a structured path to operationalize threat intelligence within the fabric of business analysis and project delivery.