Skip to main content

An Empirical Evaluation of Cyber Threat Intelligence Sharing in the ECHO Early Warning System.

Tools

Chalkias, I., Yucel, C., Mallis, D., Rajamaki, J., De Vecchis, F., Hagstrom, P. and Katos, V., 2023. An Empirical Evaluation of Cyber Threat Intelligence Sharing in the ECHO Early Warning System. In: Tagarev, T. and Stoianov, N., eds. Digital Transformation, Cyber Security and Resilience. DIGILIENCE 2020. Cham: Springer, 23-40.

Full text available as:

[img]
Preview
 PDF
978-3-031-44440-1_3.pdf - Accepted Version
Available under License Creative Commons Attribution Non-commercial.
1MB

Copyright to original material in this document is with the original owner(s). Access to this content through BURO is granted on condition that you use it only for research, scholarly or other non-commercial purposes. If you wish to use it for any other purposes, you must contact BU via BURO@bournemouth.ac.uk.

Any third party copyright material in this document remains the property of its respective owner(s). BU grants no licence for further use of that third party material.

DOI: 10.1007/978-3-031-44440-1_3

Abstract

This paper reports on the information sharing practices of cyber competency centres representing different sectors and constituencies. The cyber competency centres participated in the form of CSIRTs employed the ECHO Early Warning System. Through a structured tabletop exercise, over 10 CSIRTS were engaged and a number of features were captured and monitored. A key research question was to determine the factors that can potentially hinder or amplify Cyber Threat Intelligence information sharing. The exercise imitated real attack scenarios using state-of-the-art tactics techniques and procedures as observed by real-world APT groups and daily incidents. The findings revealed differences in terms of timeliness, response time and handling tickets with different Traffic Light Protocol classifications, duration of handling a ticket and intention to disclose.

Item Type:Book Section
ISBN:9783031444395
Volume:1790 C
Additional Information:Varna, Bulgaria, September 30 – October 2, 2020, Revised Selected Papers. Part of the Communications in Computer and Information Science book series (CCIS,volume 1790)
Uncontrolled Keywords:cybersecurity tabletop exercise; extra-constituency information sharing
Group:Faculty of Science & Technology
ID Code:39211
Deposited By: Symplectic RT2
Deposited On:29 Nov 2023 09:02
Last Modified:01 Nov 2024 01:08

Downloads

Downloads per month over past year

More statistics for this item...
Repository Staff Only -