Risks of Sharing Cyber Incident Information

dc.cclicenceN/Aen
dc.contributor.authorAlbakri, Adhamen
dc.contributor.authorBoiten, Eerke Alberten
dc.contributor.authorDe Lemos, Rogérioen
dc.date.acceptance2018-06-12en
dc.date.accessioned2018-07-03T14:46:11Z
dc.date.available2018-07-03T14:46:11Z
dc.date.issued2018-08
dc.description.abstractIncident information sharing is being encouraged and mandated as a way of improving overall cyber intelligence and defense, but its take up is slow. Organisations may well be justified in perceiving risks in sharing and disclosing cyber incident information, but they tend to express such worries in broad and vague terms. This paper presents a specific and granular analysis of the risks in cyber incident information sharing, looking in detail at what information may be contained in incident reports and which specific risks are associated with its disclosure. We use the STIX incident model as indicative of the types of information that might be reported. For each data field included, we identify and evaluate the threats associated with its disclosure, including the extent to which it identifies organisations and individuals. The main outcome of this analysis is a detailed understanding of which information in cyber incident reports requires protection, against specific threats with assessed severity. A secondary outcome of the analysis is a set of guidelines for disciplined use of the STIX incident model in order to reduce information security risk.en
dc.funderEU Horizon 2020en
dc.identifier.citationAlbakri, A., Boiten, E. and de Lemos, R. (2018) Risks of Sharing Cyber Incident Information, 13th International Conference on Availability, Reliability and Security (ARES), CyberTIM, ACM, Hamburg, Germany, August 2018.en
dc.identifier.doihttps://doi.org/10.1145/3230833.3233284
dc.identifier.urihttp://hdl.handle.net/2086/16318
dc.language.isoenen
dc.peerreviewedYesen
dc.projectid675320en
dc.researchgroupCyber Technology Institute (CTI)en
dc.researchinstituteCyber Technology Institute (CTI)en
dc.subjectcyber intelligence sharingen
dc.subjectincident reporten
dc.subjectSTICSen
dc.subjectrisk managementen
dc.subjectprivacy risken
dc.subjectsecurity risken
dc.titleRisks of Sharing Cyber Incident Informationen
dc.typeConferenceen

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
Risks of Sharing Cyber Incident Information.pdf
Size:
599.06 KB
Format:
Adobe Portable Document Format
Description:
Pre-publication version
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
4.2 KB
Format:
Item-specific license agreed upon to submission
Description: