Risks of Sharing Cyber Incident Information
dc.cclicence | N/A | en |
dc.contributor.author | Albakri, Adham | en |
dc.contributor.author | Boiten, Eerke Albert | en |
dc.contributor.author | De Lemos, Rogério | en |
dc.date.acceptance | 2018-06-12 | en |
dc.date.accessioned | 2018-07-03T14:46:11Z | |
dc.date.available | 2018-07-03T14:46:11Z | |
dc.date.issued | 2018-08 | |
dc.description.abstract | Incident information sharing is being encouraged and mandated as a way of improving overall cyber intelligence and defense, but its take up is slow. Organisations may well be justified in perceiving risks in sharing and disclosing cyber incident information, but they tend to express such worries in broad and vague terms. This paper presents a specific and granular analysis of the risks in cyber incident information sharing, looking in detail at what information may be contained in incident reports and which specific risks are associated with its disclosure. We use the STIX incident model as indicative of the types of information that might be reported. For each data field included, we identify and evaluate the threats associated with its disclosure, including the extent to which it identifies organisations and individuals. The main outcome of this analysis is a detailed understanding of which information in cyber incident reports requires protection, against specific threats with assessed severity. A secondary outcome of the analysis is a set of guidelines for disciplined use of the STIX incident model in order to reduce information security risk. | en |
dc.funder | EU Horizon 2020 | en |
dc.identifier.citation | Albakri, A., Boiten, E. and de Lemos, R. (2018) Risks of Sharing Cyber Incident Information, 13th International Conference on Availability, Reliability and Security (ARES), CyberTIM, ACM, Hamburg, Germany, August 2018. | en |
dc.identifier.doi | https://doi.org/10.1145/3230833.3233284 | |
dc.identifier.uri | http://hdl.handle.net/2086/16318 | |
dc.language.iso | en | en |
dc.peerreviewed | Yes | en |
dc.projectid | 675320 | en |
dc.researchgroup | Cyber Technology Institute (CTI) | en |
dc.researchinstitute | Cyber Technology Institute (CTI) | en |
dc.subject | cyber intelligence sharing | en |
dc.subject | incident report | en |
dc.subject | STICS | en |
dc.subject | risk management | en |
dc.subject | privacy risk | en |
dc.subject | security risk | en |
dc.title | Risks of Sharing Cyber Incident Information | en |
dc.type | Conference | en |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- Risks of Sharing Cyber Incident Information.pdf
- Size:
- 599.06 KB
- Format:
- Adobe Portable Document Format
- Description:
- Pre-publication version
License bundle
1 - 1 of 1
No Thumbnail Available
- Name:
- license.txt
- Size:
- 4.2 KB
- Format:
- Item-specific license agreed upon to submission
- Description: