CTI-SOC2M2-The quest for mature, intelligence-driven security operations and incident response capabilities

Schlette, Daniel and Vielberth, Manfred and Pernul, Guenther (2021) CTI-SOC2M2-The quest for mature, intelligence-driven security operations and incident response capabilities. COMPUTERS & SECURITY, 111: 102482. ISSN 0167-4048, 1872-6208

Full text not available from this repository.

Abstract

Threats, cyber attacks, and security incidents pertain to organizations of all types. Everyday information security is essentially defined by the maturity of security operations and incident response capabilities. However, focusing on internal information only has proven insufficient in an ever-changing threat landscape. Cyber threat intelligence (CTI) and its sharing are deemed necessary to cope with advanced threats and strongly influence security capabilities. Therefore, in this work, we develop CTI-SOC2M2, a capability maturity model that uses the degree of CTI integration as a proxy for SOC service maturity. In the course, we examine existing maturity models in the domains of Security Operations Centers (SOCs), incident response, and CTI. In search of adequate maturity assessment, we show threat intelligence dependencies through applicable data formats. As the systematic development of maturity models demands, our mixed methodology approach contributes a new in-depth analysis of intelligence-driven security operations. The resulting CTI-SOC2M2 model contains CTI formats, SOC services and is complemented with an evaluation through expert interviews. A prototypical, tool-based implementation is aimed to document steps towards the model's practical application. (c) 2021 Elsevier Ltd. All rights reserved.

Item Type: Article
Uncontrolled Keywords: SOFTWARE PROCESS; Maturity model; Cyber threat intelligence (CTI); Security operations center (SOC); Incident response; Security orchestration; Automation and response (SOAR); Cybersecurity
Divisions: University of Regensburg > Business, Economics and Information Systems > Institut für Wirtschaftsinformatik > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul)
University of Regensburg > Informatics and Data Science > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul)
Depositing User: Dr. Gernot Deinzer
Date Deposited: 06 Jul 2022 08:02
Last Modified: 06 Jul 2022 08:02
URI: https://pred.uni-regensburg.de/id/eprint/45805
