Cyber Threat Intelligence Sharing: A Review of Concepts, Platforms, and Legal Considerations
Keywords:
Cyber Threat Intelligence, CTI sharing infrastructure, Threat Intelligence Platforms, Open Source Intelligence (OSINT)Abstract
There is a need for a collaboration-based response to check sophisticated attacks on computer-based systems by Cyber criminals through the sharing of relevant information between related targets of these criminals. The sharing of such information is referred to as Cyber Threat Intelligence sharing. This paper aims to introduce useful information to practising stakeholders and their organizations that can assist and convince their participation in Cyber Intelligence Sharing activities. The Rapid Literature Review (RLR) method is used to gather relevant data to answer key research questions including: What is Cyber Threat Intelligence? What are the terminologies and concepts that help to understand Cyber Threat Intelligence and the sharing of same? How is Cyber Threat Intelligence shared and what technology is used for sharing? And what are the legal matters arising in the sharing of Cyber Threat Intelligence? The paper focuses on defining key terminologies and concepts in the area, introducing Threat Intelligence Platforms used in sharing relevant information and explaining some legal matters arising from sharing Cyber Intelligence.
