Risk Assessment of Sharing Cyber Threat Intelligence
Date
Advisors
Journal Title
Journal ISSN
ISSN
Volume Title
Publisher
Type
Peer reviewed
Abstract
Sharing Cyber Threat Intelligence (CTI) is advocated to get better defence against new sophisticated cyber-attacks. CTI may contain critical information about the victim infrastructure, existing vulnerabilities and business processes so sharing CTI may carry a risk. However, evaluating the risk of sharing CTI da-tasets is challenging due to the nature of the CTI context which is associated with the evolution of the threat landscape and new cyber attacks that are difficult to evaluate. In this paper, we present a quantitative risk model to assess the risk of sharing CTI datasets enabled by sharing with different entities in various situa-tions. The model enables the identification of the threats and evaluation of the impacts of disclosing this information. We present two use cases that help to de-termine the risk level of sharing a CTI dataset and consequently the mitigation techniques to enable responsible sharing. Risk identification and evaluation have been validated using experts’ opinions.