Schlette, Daniel and Caselli, Marco and Pernul, Gunther (2021) A Comparative Study on Cyber Threat Intelligence: The Security Incident Response Perspective. IEEE COMMUNICATIONS SURVEYS AND TUTORIALS, 23 (4). pp. 2525-2556. ISSN 1553-877X
Full text not available from this repository.

Abstract
Cyber Threat Intelligence (CTI) is threat information intended for security purposes. However, use for incident response demands standardization. This study examines the broader security incident response perspective. Introducing 18 core concepts, we assist efforts to establish and assess current standardization approaches. We further provide the reader with a detailed analysis of 6 incident response formats. While we synthesize structural elements, we point to characteristics and show format deficiencies. Also, we describe how core concepts can be used to determine a suitable format for a given use case. Our surveys' findings indicate a consistent focus on incident response actions within all formats. Besides, playbooks are used to represent procedures. Different use cases suggest that organizations can leverage and combine multiple formats. Finally, we discuss open research challenges to fully realize incident response potentials.
| Item Type: | Article |
|---|---|
| Uncontrolled Keywords: | INFORMATION; Cyber threat intelligence; incident response; standardization; playbook format |
| Subjects: | 000 Computer science, information & general works > 004 Computer science |
| Divisions: | Business, Economics and Information Systems > Institut für Wirtschaftsinformatik > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul) Informatics and Data Science > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul) |
| Depositing User: | Dr. Gernot Deinzer |
| Date Deposited: | 05 Jul 2022 11:31 |
| Last Modified: | 05 Jul 2022 11:31 |
| URI: | https://pred.uni-regensburg.de/id/eprint/46225 |

