LAUSR.org creates dashboard-style pages of related content for over 1.5 million academic articles. Sign Up to like articles & get recommendations!

Leveraging cyber threat intelligence for a dynamic risk framework

Photo by possessedphotography from unsplash

One of the most important goals in an organization is to have risks under an acceptance level along the time. All organizations are exposed to real-time security threats that could… Click to show full abstract

One of the most important goals in an organization is to have risks under an acceptance level along the time. All organizations are exposed to real-time security threats that could have an impact on their risk exposure levels harming the entire organization, their customers and their reputation. New emerging techniques, tactics and procedures (TTP) which remain undetected, the complexity and decentralization of organization assets, the great number of vulnerabilities proportional to the number of new type of devices (IoT) or still the high number of false positives, are only some examples of real risks for any organization. Risk management frameworks are not integrated and automated with near real-time (NRT) risk-related cybersecurity threat intelligence (CTI) information. The contribution of this paper is an integrated architecture based on the Web Ontology Language (OWL), a semantic reasoner and the use of Semantic Web Rule Language (SWRL) to approach a Dynamic Risk Assessment and Management (DRA/DRM) framework at all levels (operational, tactic and strategic). To enable such a dynamic, NRT and more realistic risk assessment and management processes, we created a new semantic version of STIX™v2.0 for cyber threat intelligence as it is becoming a de facto standard for structured threat information exchange. We selected an international leading organization in cybersecurity to demonstrate new dynamic ways to support decision making at all levels while being under attack. Semantic reasoners could be our ideal partners to fight against threats having risks under control along the time, for that, they need to understand the data. Our proposal uses an unprecedented mix of standards to cover all levels of a DRM and ensure easier adoption by users.

Keywords: threat intelligence; risk; threat; dynamic risk; organization

Journal Title: International Journal of Information Security
Year Published: 2019

Link to full text (if available)


Share on Social Media:                               Sign Up to like & get
recommendations!

Related content

More Information              News              Social Media              Video              Recommended



                Click one of the above tabs to view related content.