A Business Process Oriented Dynamic Cyber Threat Intelligence Model

Cyber threat intelligence (CTI) is a method for strengthening information security. CTI provides information on threats and their countermeasures. Businesses can benefit from this defensive knowledge if the relevant CTI is found. However, business environments involve various business process dynamics that can change the contexts. Correspondingly, threats associated with the contextual risk factors can change dynamically at the same time. Whenever such contextual changes take place, CTI-based defensive strategies for businesses may no longer be useful and effective. However, the existing connection strategies between CTI and business risk contexts are still somewhat static. This paper proposes a business process oriented dynamic CTI model. The model can observe and capture the dynamics of the business environment. Every time the dynamics are captured, the model triggers adjustments of the connection strategies within the model. We use a case study to illustrate the use of the model and present how the model adjusts the connection strategies according to the dynamics. We then conclude the paper with future directions of the research.
