A Shared Cyber Threat Intelligence Solution for SMEs

Haastrecht, Max van; Golpur, Guy; Tzismadia, Gilad; Kab, Rolan; Priboi, Cristian; David, Dumitru; Răcătăian, Adrian; Brinkhuis, Matthieu; Spruit, Marco

doi:10.3390/electronics10232913

Cited by 18 publications

(16 citation statements)

References 81 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Finally, Haastrecht et al [7] showed how small and medium size enterprises suffer from the lack of CTI tools and shared information. They created a CTI Feed that can provide these companies with actionable recommendations that are ordered by relevance and helped them avoid vulnerabilities and threats.…”

Section: Cti Main Challenges and Technical Improvementsmentioning

confidence: 99%

“…It is known that CTI must explore the collection while filtering, sharing and analyzing vulnerabilities in intel and threat data regardless of vendor, technology or source. For that, much research has been developed to address the collection and filtering of threat intelligence [4,5], as well as sharing and using that data to mitigate threats [6,7].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Methodological Framework to Collect, Process, Analyze and Visualize Cyber Threat Intelligence Data

et al. 2022

View full text Add to dashboard Cite

Cyber attacks have increased in frequency in recent years, affecting small, medium and large companies, creating an urgent need for tools capable of helping the mitigation of such threats. Thus, with the increasing number of cyber attacks, we have a large amount of threat data from heterogeneous sources that needs to be ingested, processed and analyzed in order to obtain useful insights for their mitigation. This study proposes a methodological framework to collect, organize, filter, share and visualize cyber-threat data to mitigate attacks and fix vulnerabilities, based on an eight-step cyber threat intelligence model with timeline visualization of threats information and analytic data insights. We developed a tool to address needs in which the cyber security analyst can insert threat data, analyze them and create a timeline to obtain insights and a better contextualization of a threat. Results show the facilitation of understanding the context in which the threats are inserted, rendering the mitigation of vulnerabilities more effective.

show abstract

Section: Cti Main Challenges and Technical Improvementsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Methodological Framework to Collect, Process, Analyze and Visualize Cyber Threat Intelligence Data

et al. 2022

View full text Add to dashboard Cite

show abstract

“…Typically, SMEs do not budget adequately for cybersecurity solutions such as purchasing products, services, and external consulting services. It is suggested that the government subsidise certain funding to assist SMEs in improving their cybersecurity posture, providing tools to reduce the cost of IT solutions based on effective procurement methods, and many other things (Tamyez, 2022;van Haastrecht et al, 2021). For example, after negotiation and consideration of authority, SMEs can subscribe to customised Service Legal Agreements (SLA) based on their size and suitability to fit SMEs cybersecurity needs.…”

Section: Solutions For Cybersecurity Among Smes Companiesmentioning

confidence: 99%

CYBER SECURITY IN SMALL AND MEDIUM ENTERPRISES (SMEs)

Wallang

Shariffuddin

Mokhtar

2022

jgd

View full text Add to dashboard Cite

The Fourth Industrial Revolution (IR4.0) has provided immense benefits for the sustainability of businesses, with many businessesutilising websites to sell their products and services internationally. Cybersecurity has nonetheless emerged as one of the most significant global challenges posed by this new digitization trend. Currently, more than sixty percent of commercial transactions are conducted online or via digital wallets, necessitating exceptional security for transparent and secure transactions. Individuals are unable to maintain the security of their private data because of these evolving technologies, and cybercrime is on the rise. Information security is one of the most complex issues currently. Cybercrimes, which are increasing at an alarming rate, are the first thing that comes to mind when we think about cyber security. Consequently, numerous governments and corporations are enhancing their cybersecurity tools to combat cybercrime. Despite numerous precautions, cyber threats remain a major concern not only for government and large businesses, but also for Small and Medium-Sized Businesses (SMEs) companies. This paper examines the challenges and solutions faced by small and medium-sized enterprises (SMEs) in relation to cyber security issues. In addition, it also examines the Malaysian context that may hinder the cybersecurity adoption gap for risk mitigation and high security in operational and development business environments.

show abstract

“…Other efforts focusing on the automatic collection and processing of can be found in the works of [13] and [14], where Indicators Of Compromise (IOCs) are extracted from the corresponding data. To both process and analyse the collected data, the authors of [15] propose a solution that processes Malware Information Sharing Platform (MISP) data automatically, prioritizes cybersecurity threats for Small and medium-sized enterprises (SMEs), and provides SMEs with actionable recommendations tailored to their context. On top of solutions like the ones mentioned above, in order to facilitate the automation of processes regarding the CTI, standardization efforts have been made.…”

Section: B Related Workmentioning

confidence: 99%

BRIDGE: BRIDGing the gap bEtween CTI production and consumption

Karatisoglou

Farao

Bolgouras

et al. 2022

2022 14th International Conference on Communications (COMM)

View full text Add to dashboard Cite

Security for businesses and organizations is essential to protect operational activities, trust relationship with clients and financial viability. Increased interest for research concerning cybersecurity issues has been shown recently, while at the same time professionals of this sector are employed to ensure safety. In turn, the efficacy and performance of both the researchers and professionals rely on the information provided by Cyber Threat Intelligence infrastructures. Automation of procedures regarding the collection, harmonization and processing of information is of utmost importance for Cyber Threat Intelligence, in order to effectively relay to the community data concerning newly emerged threats. Nevertheless, the process regarding the transfer of knowledge between Cyber Threat Intelligence and cybersecurity specialists is based on frameworks and procedures that are not in line with the needs and standards of modern times, being performed through obsolete methods and manual labor. In this paper, we propose BRIDGE, the first tool that streamlines the flow of intelligence between Cyber Threat Intelligence and cybersecurity professionals, by taking advantage of the Structured Threat Information eXpression standard, utilizing blockchain technology and automatically converting the intelligence needed in the form that researchers and other professionals require. Our experimental results demonstrate the efficiency of BRIDGE in terms of swiftness and performance improvement compared to the mainstream approach.

show abstract

A Shared Cyber Threat Intelligence Solution for SMEs

Cited by 18 publications

References 81 publications

Methodological Framework to Collect, Process, Analyze and Visualize Cyber Threat Intelligence Data

Methodological Framework to Collect, Process, Analyze and Visualize Cyber Threat Intelligence Data

CYBER SECURITY IN SMALL AND MEDIUM ENTERPRISES (SMEs)

BRIDGE: BRIDGing the gap bEtween CTI production and consumption

Contact Info

Product

Resources

About