A Problem Shared is a Problem Halved: A Survey on the Dimensions of Collective Cyber Defense Through Security Information Sharing
TL;DR: A structured overview about the dimensions of cyber security information sharing is provided, motivated in more detail and work out the requirements for an information sharing system, and a critical review of the state of the art is reviewed.
About: This article is published in Computers & Security.The article was published on 2016-07-01. It has received 166 citations till now. The article focuses on the topics: Information sharing & The Internet.
Citations
More filters
24 Jun 2019
TL;DR: The model provides a more effective and efficient framework for a CTI sharing network that has the potential to overcome the trust barriers and data privacy issues inherent in this domain.
Abstract: The aim of this research is to propose a new blockchain network model that facilitates the secure dissemination of Cyber Threat Intelligence (CTI) data. The primary motivations for this study are based around the recent changes to information security legislation in the European Union and the challenges that Computer Security and Incident Response Teams (CSIRT) face when trying to share actionable and highly sensitive data within systems where participants do not always share the same interests or motivations. We discuss the common problems within the domain of CTI sharing and we propose a new model, that leverages the security properties of blockchain. Our model provides a more effective and efficient framework for a CTI sharing network that has the potential to overcome the trust barriers and data privacy issues inherent in this domain. We implemented a testbed using Hyperledger Fabric and the STIX 2.0 protocol and validated the efficacy of the segmentation, implemented using smart contracts and Fabric channels.
29 citations
Cites background from "A Problem Shared is a Problem Halve..."
...the literature are trust and privacy [12], [16], [17], [19]....
[...]
26 Aug 2019
TL;DR: The findings aim to highlight the gap between the theory and practice of information sharing and provide input for future research into design principles for information sharing systems and ways to mitigate threat information sharing challenges.
Abstract: The literature on cyber security information sharing enumerates an extensive list of potential benefits for organisations in both the public and private sectors. However, despite the potential benefits, successful cyber security information sharing has been difficult to achieve. We report upon a study that sought to measure the extent to which the benefits and barriers suggested by the cyber security information sharing literature are reflected in the attitudes of practising security managers and analysts. A self-administered online survey was used. The survey consisted of: several questions about the participants' experience with cyber security information sharing; and two sets of Likert-type scale items to measure the respondents' attitudes regarding the benefits and barriers identified in the literature. Our findings aim to highlight the gap between the theory and practice of information sharing and provide input for future research into design principles for information sharing systems and ways to mitigate threat information sharing challenges.
28 citations
Cites background from "A Problem Shared is a Problem Halve..."
...These challenges, as the authors of [30] explain, are rooted in the fact that cyber security information sharing entails a great deal of multi-disciplinary research....
[...]
TL;DR: Results indicate that the leadership dimension and face-to-face interactions are important factors that determine the success of these teams and functional specialization within a team and well-guided leadership could be important predictors of timely detection and mitigation of ongoing cyber attacks.
26 citations
01 Jan 2017
TL;DR: Klem et al. as mentioned in this paper conducted a qualitative study of the National Network of Fusion Centers (NNF) to identify and understand elements that have been impacting the NNF's integration with broader national security efforts as well as identify items contributing to negative perceptions of fusion centers.
Abstract: Elements Impacting the Integration of the National Network of Fusion Centers with the U.S. National Security Strategy by Nicholas Klem MA, Naval Post Graduate School, 2014 BS, Upper Iowa University, 2003 AA, Barton County Community College, 1998 Dissertation Submitted in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy Public Policy and Administration Walden University November 2017 Abstract The National Network of Fusion Centers (Network) represents one of the post-9/11 era organizational efforts to strengthen the security of the homeland through collaboration, analysis, and information sharing. These entities have been subjected to criticisms and have been noted in studies as being deficient in certain areas suggesting that the Network has been experiencing problems with integrating the U.S. national security strategy. Using the multiple streams framework, the purpose of this phenomenological study was to identify and understand elements that have been impacting the Network’s integration with broader national security efforts as well as identify items contributing to negative perceptions of fusion centers. Data for this qualitative study were collected through interviews with 13 individuals working within the Network. Collected data elements were inductively coded and then analyzed, demonstrating the relevance of framework to this topic area. Research findings indicated that there were challenges with Network integration that were influenced by perceptions of problems/threats, views concerning a fusion center’s primary stakeholder, and constraints related to existing organizational policy and mandates. Barriers to integration stemmed from differing priorities, ineffective marketing, policy requirements, relationships, and limited resources. StudyThe National Network of Fusion Centers (Network) represents one of the post-9/11 era organizational efforts to strengthen the security of the homeland through collaboration, analysis, and information sharing. These entities have been subjected to criticisms and have been noted in studies as being deficient in certain areas suggesting that the Network has been experiencing problems with integrating the U.S. national security strategy. Using the multiple streams framework, the purpose of this phenomenological study was to identify and understand elements that have been impacting the Network’s integration with broader national security efforts as well as identify items contributing to negative perceptions of fusion centers. Data for this qualitative study were collected through interviews with 13 individuals working within the Network. Collected data elements were inductively coded and then analyzed, demonstrating the relevance of framework to this topic area. Research findings indicated that there were challenges with Network integration that were influenced by perceptions of problems/threats, views concerning a fusion center’s primary stakeholder, and constraints related to existing organizational policy and mandates. Barriers to integration stemmed from differing priorities, ineffective marketing, policy requirements, relationships, and limited resources. Study recommendations included the development of a strategic engagement plan, alignment of priorities, and increases in federal funding and representation. The implications for positive social change of this study are associated with proving transparency on the Network, informing national security agencies and decision makers on issues impacting integration, and promoting operational efficiencies. Elements Impacting the Integration of the National Network of Fusion Centers with the U.S. National Security Strategy by Nicholas Klem MA, Naval Post Graduate School, 2014 BS, Upper Iowa University, 2003 AA, Barton County Community College, 1998 Dissertation Submitted in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy Public Policy and Administration Walden University November 2017 Dedication This academic journey over the last several years has proven to be as challenging as it has been rewarding, but has required significant sacrifice from my family that I would like to recognize. To my wife, Melanie, your support and encouragement has been, at many points throughout this program, the greatest driver for me. As in past career or academic endeavors, you have always grounded me, motivated me, and inspired me. I can never express in words my appreciation and devotion to you, but please understand that you are my “True North.” To my children, this has been another long haul guys and I appreciate you picking up some of the slack during my academic hibernation sessions that took place most weekends for the last few years. You three mean the world to your mother and I. I hope that you keep “getting at it,” learn, do, see, and experience all you can in the world and then share that with others. Acknowledgments I would like to express my gratitude for the support and mentorship from the members of my committee, Drs. Cole and Lane. I have learned a great deal from each of you during the coursework phase of this program and could not have made it through the daunting dissertation process without your guidance and expertise. Beyond survival through the program, I appreciate you providing me a template of the type of professor that I would like to be. To the participants in this study, who will obviously remain nameless, thank you for taking interest in this research and providing candid responses. I pray this study reflects the reality of the environment that you and your colleagues are working in every day and hope that this contribution positively informs decision-making in this field.
26 citations
TL;DR: Policy and managerial implications are provided for how firms should defend against hackers with various characteristics, including three corner solutions that deter disadvantaged hackers.
Abstract: A four period game between two firms and two hackers is analyzed. The firms first defend and the hackers thereafter attack and share information. Each hacker seeks financial gain, beneficial information exchange, and reputation gain. The two hackers’ attacks and the firms’ defenses are inverse U-shaped in each other. A hacker shifts from attack to information sharing when attack is costly or the firm’s defense is cheap. The two hackers share information, but a second more disadvantaged hacker receives less information, and mixed motives may exist between information sharing and own reputation gain. The second hacker’s attack is deterred by the first hacker’s reputation gain. Increasing information sharing effectiveness causes firms to substitute from defense to information sharing, which also increases in the firms’ unit defense cost, decreases in each firm’s unit cost of own information leakage, and increases in the unit benefit of joint leakage. Increasing interdependence between firms causes more information sharing between hackers caused by larger aggregate attacks, which firms should be conscious about. We consider three corner solutions. First and second, the firms deter disadvantaged hackers. When the second hacker is deterred, the first hacker does not share information. Third, the first hacker shares a maximum amount of information when certain conditions are met. Policy and managerial implications are provided for how firms should defend against hackers with various characteristics.
26 citations
References
More filters
01 May 2011
TL;DR: Last year marked a turning point in the history of cybersecurity-the arrival of the first cyber warfare weapon ever, known as Stuxnet, which followed a completely new approach that's no longer aligned with confidentiality, integrity, and availability thinking.
Abstract: Last year marked a turning point in the history of cybersecurity-the arrival of the first cyber warfare weapon ever, known as Stuxnet Not only was Stuxnet much more complex than any other piece of malware seen before, it also followed a completely new approach that's no longer aligned with conven tional confidentiality, integrity, and availability thinking Con trary to initial belief, Stuxnet wasn't about industrial espionage: it didn't steal, manipulate, or erase information Rather, Stuxnet's goal was to physically destroy a military target-not just meta phorically, but literally Let's see how this was done
1,548 citations
[...]
TL;DR: This analysis illustrates that the Big Data analytics is a fast-growing, influential practice and a key enabler for the social business and is critical for success in the age of social media.
Abstract: In this paper, we explain the concept, characteristics & need of Big Data & different offerings available in the market to explore unstructured large data. This paper covers Big Data adoption trends, entry & exit criteria for the vendor and product selection, best practices, customer success story, benefits of Big Data analytics, summary and conclusion. Our analysis illustrates that the Big Data analytics is a fast-growing, influential practice and a key enabler for the social business. The insights gained from the user generated online contents and collaboration with customers is critical for success in the age of social media.
811 citations
09 Jun 2003
TL;DR: This work formalizes the notion of minimal information sharing across private databases, and develops protocols for intersection, equijoin, intersection size, and Equijoin size.
Abstract: Literature on information integration across databases tacitly assumes that the data in each database can be revealed to the other databases. However, there is an increasing need for sharing information across autonomous entities in such a way that no information apart from the answer to the query is revealed. We formalize the notion of minimal information sharing across private databases, and develop protocols for intersection, equijoin, intersection size, and equijoin size. We also show how new applications can be built using the proposed protocols.
706 citations
"A Problem Shared is a Problem Halve..." refers background in this paper
...Usually there is a crucial economic tradeoff to be considered between economic benefit of sharing (Agrawal et al., 2003; Skopik and Li, 2013) and potential disadvantages, such as harm of reputation and commitment of costly resources....
[...]
TL;DR: This work conducted interviews in 20 organizations to identify ways in which interpersonal trust in a knowledge-sharing context develops and summarize behaviors and practices for managers interested in promoting trust (and thereby knowledge creation and sharing) within their own organizations.
Abstract: Executive Overview In many organizations, informal networks are the primary means by which employees find information, solve complex problems, and learn how to do their work. Two forms of interpersonal trust—trust in a person's competence and in a person's benevolence—enable effective knowledge creation and sharing in these networks. Yet, though conceptually appealing, trust is an elusive concept that is often difficult for managers to influence. We conducted interviews in 20 organizations to identify ways in which interpersonal trust in a knowledge-sharing context develops. Based on this work, we summarize behaviors (e.g., discretion, consistency, collaboration) and practices (e.g., building shared vision, ensuring transparency in decision-making, holding people accountable for trust) for managers interested in promoting trust (and thereby knowledge creation and sharing) within their own organizations.
684 citations
Book•
01 Jan 2003TL;DR: In this article, the authors established a foundation for shared understanding, integration, and trust in virtual teams, and proposed a framework for virtual teams to share knowledge and knowledge sharing among themselves.
Abstract: Part 1: Establishing the Foundation: Shared Understanding, Integration, & Trust.Introduction: Establishing the Foundation: Shared Understanding, Integration, & Trust (Susan G. Cohen and Cristina B. Gibson).Chapter 1: In the Beginning: Introduction and Framework (Susan G. Cohen and Cristina B. Gibson).Chapter 2: Knowledge Sharing And Shared Understanding In Virtual Teams (Pamela Hinds and Suzanne Weisband).Chapter 3: Managing The Global New Product Development Network: A Sensemaking Perspective (Susan Albers Mohrman, Janice A. Klein, and David Finegold).Chapter 4: Building Trust: Effective Multi-Cultural Communication Processes in Virtual Teams (Cristina B. Gibson and Jennifer A. Manuel).Summary: Establishing the Foundation (Susan G. Cohen and Cristina B. Gibson).Part 2: The Raw Materials: People and Context.Introduction: The Raw Materials: People and Context (Cristina B. Gibson and Susan G. Cohen).Chapter 5: Building a Winning Virtual Team: KSAs, Selection, Training, and Evaluation (Richard Blackburn, Stacie Furst, and Benson Rosen).Chapter 6: Pay Systems for Virtual Teams (Edward E. Lawler III).Chapter 7: Meeting the Performance Challenge: Calculating ROI for Virtual Teams (Alec R. Levenson and Susan G. Cohen).Summary: The Raw Materials (Cristina B. Gibson and Susan G. Cohen).Part 3: Constructing the Design: Leadership, Knowledge Management and Information Sharing.Introduction: Constructing the Design: Leadership, Knowledge Management and Information Sharing (Susan G. Cohen and Cristina B. Gibson).Chapter 8: Exploring Emerging Leadership in Virtual Teams (Kristi Lewis Tyran, Craig K. Tyran, and Morgan Shepherd).Chapter 9: Designing the Knowledge-Management Infrastructure for Virtual Teams: Building and Using Social Networks and Social Capital (Martha L. Maznevski and Nicholas A. Athanassiou).Chapter 10: Overcoming Barriers to Information Sharing in Virtual Teams (Catherine Durnell Cramton and Kara L. Orvis).Summary: Constructing the Design (Susan G. Cohen and Cristina B. Gibson).Part 4: Wiring that Connects: Implementing Information Technology.Introduction: Wiring that Connects: Implementing Information Technology (Susan G. Cohen and Cristina B. Gibson).Chapter 11: Context, Task and the Evolution of Technology Use in Global Virtual Teams (Kenneth Riopelle, Julia Gluesing, Tara Alcordo, Marietta Baba, David Britt, Willie McKether, Leslie Monplaisir, Hilary Ratner, and Kimberly Harris Wagner).Chapter 12: Technology Alignment and Adaptation for Virtual Teams Involved in Unstructured Knowledge Work (Nelson King and Ann Majchrzak).Chapter 13: Team or Community of Practice Aligning Tasks, Structures and Technologies (Arjan Raven).Summary: Wiring that Connects (Susan G. Cohen and Cristina B. Gibson).Part 5: It's All About Action: Processes and Development.Introduction: It's All About Action: Processes and Development (Cristina B. Gibson and Susan G. Cohen).Chapter 14: Influence and Political Processes in Virtual Teams (Efrat Elron and Eran Vigoda).Chapter 15: Conflict and Virtual Teams (Terri L. Griffith, Elizabeth A. Mannix, and Margaret A. Neale).Chapter 16: The Development of Global Virtual Teams (Julia Gluesing, Tara Alcordo, Marietta Baba, David Britt, Kimberly Harris Wagner, Willie McKether, Leslie Monplaisir, Hilary Ratner, and Kenneth Riopelle).Chapter 17: Closing the Time Gap in Virtual Teams (Janice A. Klein & Astrid Kleinhanns).Summary: It's All About Action (Cristina B. Gibson and Susan G. Cohen).Chapter 18: The Last Word: Conclusions and Implications (Cristina B. Gibson and Susan G. Cohen).
633 citations