Maximizing the benefits from sharing cyber threat intelligence by government agencies and departments-Reference-Cited by-同舟云学术

Maximizing the benefits from sharing cyber threat intelligence by government agencies and departments

Published:2023-01-01 Issue:1 Volume:9 Page:
ISSN:2057-2085
Container-title:Journal of Cybersecurity
language:en
Short-container-title:

Author:

Dykstra Josiah¹,Gordon Lawrence A²,Loeb Martin P²^ORCID,Zhou Lei²

Affiliation:

1. Office of Innovation, National Security Agency, Ft. George G . Meade, MD 20755 , USA

2. Department of Accounting and Information Assurance, Robert H. Smith School of Business, University of Maryland , College Park, MD 20742 , USA

Abstract

AbstractThe primary objective of the current study is to analytically examine the economic benefits an organization can obtain by receiving and processing cyber threat intelligence (CTI) shared by the US government. Our results show that the benefits from receiving CTI are closely associated with the difference between the threat level indicated by the CTI and the receiving organization’s prior belief of the threat level. In addition, for the same difference between the threat levels indicated by the CTI and the organization’s prior belief, our analyses show that the magnitude of adjustments to an organization’s cybersecurity investments is inversely related to the organization’s prior belief of the threat level. Thus, larger benefits can be obtained when the receiving organization’s prior belief of a threat level is lower. Taken together, our results suggest that the common belief that it is optimal for a federal government agency or department to focus on sharing CTI related to vulnerabilities with the highest threat level is misguided. More generally, the benefits from CTI sharing can be improved if producers of CTI could develop a clearer understanding of the prior beliefs that organizations have concerning their threat level and focus on sharing CTI that is significantly different from those prior beliefs.

Funder

U.S. Department of Defense

Publisher

Oxford University Press (OUP)

Subject

Law,Computer Networks and Communications,Political Science and International Relations,Safety, Risk, Reliability and Quality,Social Psychology,Computer Science (miscellaneous)

Link

https://academic.oup.com/cybersecurity/article-pdf/9/1/tyad003/49736345/tyad003.pdf

Reference52 articles.

1. The state of threat feed effectiveness in the United States and United Kingdom;Ponemon Institute,2021

2. Presidential Decision Directive 63/NSC, 22 May 1998;Clinton

3. Executive Order 13691. Promoting private sector cybersecurity information sharing, 13 February 2015;Obama

4. What is an ISAC or ISAO? How these cyber threat information sharing organizations improve security, 26 July 2022;Vijayan

5. Information sharing in cybersecurity: a review;Pala;Decis Anal,2019

Cited by 2 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Context-aware cyber-threat attribution based on hybrid features;ICT Express;2024-06

2. Effective Utilization of Government-Provided CTI by Small Businesses within the Defense Industrial Base;Journal of Information Security;2024