10 Sep 2019
Session Block—Cybersecurity 12:00 - 12:20

Sharing Cyber Threat Intelligence (CTI) is a key strategy for improving cyber defense, but there are risks of breaching regulations and laws regarding privacy. With regulations such as the General Data Protection Regulation (GDPR) that are designed to protect citizens' data privacy, the managers of CTI datasets need clear guidance on how and when it is legal to share such information. This presentation defines the impact that GDPR legal aspects may have on the sharing of CTI. In addition, we define adequate protection levels for sharing CTI to ensure compliance with the GDPR. We also present a model for evaluating the legal requirements for supporting decision making when sharing CTI, which also includes advice on the required protection level. Finally, we evaluate our model using use cases of sharing CTI datasets between entities.

What would the tags look like specifically? 

The output is assigning a DataTags (simple iconic or Notice list) and a custom policy that indicate how the CTI dataset can be shared.

Under what conditions would your implementation be successful? 

  • Analysing the GDPR that constrain the sharing of personal data. 

  • Approaches to assessing and mitigating risk when sharing CTI dataset.

 Does this approach scale? What are the data definitions? To what degree are you codifying policy - and how

  • We automate the assessment of the policy space rules that apply to a CTI dataset.

The presentation outlines

  • Introduction 

  • Methodology 

    • Data Tags

    • Policy Space 

    • CTI Policy Space

    • Assessment 

  • Evaluation

  • Conclusion and future work

De Montfort University/ University of Kent
Research Fellow in Cyber Security/ PhD Candidate


Discussion not started yet.