Abstract

Organizations and their security operation centers often struggle to detect and respond effectively to an extensive quantity of ever-evolving cyberattacks. While collaboration, such as threat intelligence sharing between security teams, and response automation are often discussed in the cybersecurity community, issues like data sensitivity and confidence in detection may hinder their adoption. This work investigates the potentials and challenges of collaboration and automation to enhance incident response processes. We propose a reference architecture for data sharing in threat detection and response, aiming to boost collaborative and automated efforts across organizations while also considering privacy-preserving features. To address these challenges and potentials, we discuss how such a framework could enhance current response processes within and between organizations, validated with results in local attack detection, incident response, and data sharing.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Optimizing Security Operations Centers for Enhanced Cyber Resilience
-
-
--
30 Jun 2024
Humans and Automation: Augmenting Security Operation Centers
Jack Tilbury ... Stephen Flowerday
Journal of Cybersecurity and Privacy | VOL. 4
Jack Tilbury, et. al.Jack Tilbury ... Stephen Flowerday
01 Jul 2024
Shift Happens: Human Factors Considerations for Handoffs in Cyber-Security Operations Centers
Crystal M Fausett ... Joseph R Keebler
Proceedings of the Human Factors and Ergonomics Society Annual Meeting | VOL. 66
Crystal M Fausett, et. al.Crystal M Fausett ... Joseph R Keebler
01 Sep 2022
A comprehensive security operation center based on big data analytics and threat intelligence
Jiarong Wang ... Dehai An
-
Jiarong Wang, et. al.Jiarong Wang ... Dehai An
22 Oct 2021
View more papers

More From: Digital Threats: Research and Practice

Paper Title
Journal
Date
Author
On Collaboration and Automation in the Context of Threat Detection and Response with Privacy-Preserving Features
Lasse Nitz ... Avikarsha Mandal
Digital Threats: Research and Practice | VOL. -
Lasse Nitz, et. al.Lasse Nitz ... Avikarsha Mandal
09 Dec 2024
Investigating Threats Posed by SMS Origin Spoofing to IoT Devices
Akaki Tsunoda
Digital Threats: Research and Practice | VOL. 5
Akaki TsunodaAkaki Tsunoda
09 Dec 2024
Social Media Authentication and Combating Deepfakes using Semi-fragile Invisible Image Watermarking
Aakash Varma Nadimpalli ... Ajita Rattani
Digital Threats: Research and Practice | VOL. -
Aakash Varma Nadimpalli, et. al.Aakash Varma Nadimpalli ... Ajita Rattani
12 Oct 2024
Fuzzing and Symbolic Execution for Multipath Malware Tracing: Bridging Theory and Practice via Survey and Experiments
Marcus Botacin
Digital Threats: Research and Practice | VOL. -
Marcus BotacinMarcus Botacin
11 Oct 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.