A Comparative Study on Cyber Threat Intelligence: The Security Incident Response Perspective

Bibliographic Details
Published in: IEEE Communications Surveys & Tutorials, 2021-01, Vol. 23 (4), pp. 2525-2556
Main Authors: Schlette, Daniel; Caselli, Marco; Pernul, Gunther
Format: Article
Language: English
Description
Summary: Cyber Threat Intelligence (CTI) is threat information intended for security purposes. However, use for incident response demands standardization. This study examines the broader security incident response perspective. Introducing 18 core concepts, we assist efforts to establish and assess current standardization approaches. We further provide the reader with a detailed analysis of 6 incident response formats. While we synthesize structural elements, we point to characteristics and show format deficiencies. Also, we describe how core concepts can be used to determine a suitable format for a given use case. Our survey's findings indicate a consistent focus on incident response actions within all formats. Besides, playbooks are used to represent procedures. Different use cases suggest that organizations can leverage and combine multiple formats. Finally, we discuss open research challenges to fully realize incident response potentials.
ISSN: 1553-877X (print), 2373-745X (electronic)
DOI: 10.1109/COMST.2021.3117338