430 pages | 10 B/W Illus.
Threat intelligence is a surprisingly complex topic that goes far beyond the obvious technical challenges of collecting, modelling and sharing technical indicators. Most books in this area focus mainly on technical measures to harden a system based on threat intel data and limit their scope to single organizations only. This book provides a unique angle on the topic of national cyber threat intelligence and security information sharing. It also provides a clear view on ongoing works in research laboratories world-wide in order to address current security concerns at national level. It allows practitioners to learn about upcoming trends, researchers to share current results, and decision makers to prepare for future developments.
1. Introduction, Florian Skopik
2. A Systematic Study and Comparison of Attack Scenarios and Involved Threat Actors, Timea Pahi and Florian Skopik
3. From Monitoring, Logging, and Network Analysis to Threat Intelligence Extraction, Ivo Friedbert, Markus Werzenberger, Abdullah Al Balushi, and Boojong Kang
4. The Importance of Information Sharing and Its Numerous Dimensions to Circumvent Incidents and Mitigate Cyber Threats, Florian Skopik, Guiseppe Settanni, and Roman Fiedler
5. Cyber Threat Intelligence Sharing through National and Sector-Oriented Communities, Frank Fransen and Richard Kerkdijk
6. Situational Awareness for Strategic Decision Making on a National Level, Maria Leitner, Timea Pahi, and Florian Skopik
7. Legal Implications of Information Sharing, Jessica Schroers and Damian Clifford
8. Implementation Issues and Obstacles from a Legal Perspective, Erich Schweighofer, Vinzenz Heussler, and Walter Hotzendorfer
9. Real-World Implementation of an Information Sharing Network: Lessons Learned from the Large-Scale European Research Project ECOSSIAN, Giuseppe Settanni and Timea Pahi