Exploring the Value of a Cyber Threat Intelligence Function in an Organization - Information Security Education. Information Security in Action Access content directly
Conference Papers Year : 2020

Exploring the Value of a Cyber Threat Intelligence Function in an Organization

Jacques Ophoff
  • Function : Author
  • PersonId : 1113689
Anzel Berndt
  • Function : Author
  • PersonId : 1113690

Abstract

Organizations can struggle to cope with the rapidly advancing threat landscape. A cyber threat intelligence (CTI) function broadly aims to understand how threats operate to better protect the organization from future attacks. This seems like a natural step to take in hardening security. However, CTI is understood and experienced differently across organizations. To explore the value of this function this study used a qualitative method, guided by the Socio-Technical Framework, to understand how the CTI function is interpreted by organizations in South Africa. Thematic analysis was used to provide an in-depth view of how each organization implemented its CTI function and what benefits and challenges they’ve experienced. Findings show that CTI tasks tend to be more manual and resource-intensive, but these challenges can be resolved through automation. It was noted that only larger organizations seem to have the budget and resources available to implement the CTI function, whereas smaller organizations put more reliance on tools. It was observed that skills for the CTI function can be learned on the job, but that formal education provides a good foundation. The findings illustrate the value the CTI function can provide an organization but also the challenges, thereby enabling other organizations to improve preparation before such a function is adopted.
Fichier principal
Vignette du fichier
497436_1_En_7_Chapter.pdf (324.12 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Dates and versions

hal-03380693 , version 1 (15-10-2021)

Licence

Attribution - CC BY 4.0

Identifiers

Cite

Jacques Ophoff, Anzel Berndt. Exploring the Value of a Cyber Threat Intelligence Function in an Organization. 13th IFIP World Conference on Information Security Education (WISE), Sep 2020, Maribor, Slovenia. pp.96-109, ⟨10.1007/978-3-030-59291-2_7⟩. ⟨hal-03380693⟩
33 View
3 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More