“In the public interest”: The privacy implications of international business-to-business sharing of cyber-threat intelligence
Citations
113 citations
35 citations
Cites background from "“In the public interest”: The priva..."
...These include the legal and privacy implications in sharing CTI across borders and jurisdictions (also the focus in [24] and [25]), which have recently received great attention due to the general data protection regulation (GDPR), the requirement of a critical mass for CTI sharing sources that characterises its effectiveness, along with the belief that the main impediment to security data sharing is the lack of a suitable platform that addresses the issues of formats and legal boundaries for CTI data....
[...]
29 citations
Cites background from "“In the public interest”: The priva..."
...the literature are trust and privacy [12], [16], [17], [19]....
[...]
...Trust remains a very human element in an exchange of information in a CTI sharing context; however, there have been proposals to automate the trust element with computation [19], [8]....
[...]
...However, not every CSIRT will use the same SIEM system, therefore different CSIRTs will have access to different external threat intelligence data, creating silos of information and information that is only available to the users of that particular system [19]....
[...]
20 citations
14 citations