Collaborative Cyber Threat Intelligence Detecting and Responding to Advanced Cyber Attacks at the National Level
Threat intelligence is a surprisingly complex topic that goes far beyond the obvious technical challenges of collecting, modelling and sharing technical indicators. Most books in this area focus mainly on technical measures to harden a system based on threat intel data and limit their scope to single organizations only. This book provides a unique angle on the topic of national cyber threat intelligence and security information sharing. It also provides a clear view on ongoing works in research laboratories world-wide in order to address current security concerns at national level. It allows practitioners to learn about upcoming trends, researchers to share current results, and decision makers to prepare for future developments.
1. Introduction. 2. A Systematic Study and Comparison of Attack Scenarios and Involved Threat Actors. 3. From Monitoring, Logging, and Network Analysis to Threat Intelligence Extraction. 4. The Importance of Information Sharing and Its Numerous Dimensions to Circumvent Incidents and Mitigate Cyber Threats. 5. Cyber Threat Intelligence Sharing through National and Sector-Oriented Communities. 6. Situational Awareness for Strategic Decision Making on a National Level. 7. Legal Implications of Information Sharing. 8. Implementation Issues and Obstacles from a Legal Perspective. 9. Real-World Implementation of an Information Sharing Network: Lessons Learned from the Large-Scale European Research Project ECOSSIAN.