Abubakar Nainna Muhammad A.N.Muhammad@edu.salford.ac.uk
Factors Amplifying or Inhibiting Cyber Threat Intelligence Sharing
Nainna, Muhammad A; Bass, Julian M; Speakman, Lee
Authors
Prof Julian Bass J.Bass@salford.ac.uk
Professor of Software Engineering
Dr Lee Speakman L.Speakman@salford.ac.uk
Lecturer in Cyber Security
Abstract
The increasing frequency of cyberattacks by criminal and state-sponsored actors, has elevated the importance of cyber threat intelligence for organisations. We are interested to understand why practitioner share cyber threat intelligence and the impediments that prevent sharing. This paper addresses practitioners' perceptions of factors that influence cyber threat intelligence sharing. To find out the factors that influence why cyber security practitioners share or don't share. We conducted research interviews with nine cyber security practitioners using a semi-structured, open-ended interview guide which were recorded and transcribed. We also analysed the data using an approach informed by grounded theory. We coded the data, organised the data into themes, and used constant comparison to check our code's consistency and accuracy. Furthermore, we developed memos, from which our theory emerged. Ultimately, our analysis revealed a new phenomenon, which we call Cir-cumstantial Sharing. In circumstantial sharing, practitioners may rigorously discover and mitigate cyber threats and inform top management. However, practitioners my experience pressure from management not to share cyber threat intelligence with external organisations. This is significant because cyber threat intelligence sharing is an important weapon to resist future malicious cyber-attacks. We observed three main impediments to cyber threat intelligence sharing: fear of potential penalties imposed by regulatory authorities, concerns about sharing cyber threat findings with competitors or adversaries and the financial cost of sharing cyber threat intelligence. It is our hypothesis that overcoming the impediments we have observed will facilitate increased cyber threat intelligence sharing and hence help resistance to future cyber-attack.
Citation
Nainna, M. A., Bass, J. M., & Speakman, L. (2024). Factors Amplifying or Inhibiting Cyber Threat Intelligence Sharing.
Conference Name | European, Mediterranean, and Middle Eastern Conference on Information Systems |
---|---|
Start Date | Dec 11, 2023 |
End Date | Dec 12, 2023 |
Acceptance Date | Nov 3, 2023 |
Online Publication Date | Mar 30, 2024 |
Publication Date | Mar 30, 2024 |
Deposit Date | Dec 14, 2023 |
Publisher | Springer |
Publisher URL | https://link.springer.com/chapter/10.1007/978-3-031-56481-9_14 |
You might also like
A comparison of deep learning techniques for corrosion detection
(2022)
Conference Proceeding
Multi-cloud load distribution for three-tier applications
(2022)
Journal Article
Downloadable Citations
About USIR
Administrator e-mail: library-research@salford.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search