Skip to main content

Research Repository

Advanced Search

Practical Cyber Threat Intelligence in the UK Energy Sector

Paice, Alan; McKeown, Sean

Authors

Alan Paice



Abstract

The UK energy sector is a prime target for cyber-attacks by foreign states, criminals, ‘hacktivist’ groups, and terrorists. As Critical National Infrastructure (CNI), the industry needs to understand the threats it faces to mitigate risks and make efficient use of limited resources. Cyber Threat Intelligence (CTI) sharing is one means of achieving this, by leveraging sector-wide knowledge to combat ongoing mutual threats. However, being unable to segregate intelligence or to control what is disseminated to which parties, and by which means, has impeded industry cooperation thus far. The purpose of this study is to investigate the barriers to sharing and to add to the body of knowledge of CTI in the UK energy sector, while providing some level of assurance that existing tooling is fit-for-purpose. We achieve these aims by conducting a multivocal literature review and by experimentation using a simulated Malware Information Sharing Platform (MISP) community in a virtual environment. This work demonstrates that trust can be placed in the open-source MISP platform, with the caveat that the sharing models and tooling limitations are understood, while also taking care to create appropriate deployment taxonomies and sharing rules. It is hoped that some of the identified barriers are partially alleviated, helping to lay the foundations for a UK Energy sector CTI sharing community.

Presentation Conference Type Conference Paper (Published)
Conference Name International Conference on Cybersecurity, Situational Awareness and Social Media (Cyber Science 2022)
Start Date Jun 20, 2022
End Date Jun 21, 2022
Acceptance Date May 2, 2022
Online Publication Date Mar 8, 2023
Publication Date 2023-03
Deposit Date Jun 20, 2022
Publicly Available Date Mar 9, 2024
Publisher Springer
Pages 3-23
Series Title Springer Proceedings in Complexity
Series ISSN 2213-8692
Book Title Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media
ISBN 978-981-19-6413-8
DOI https://doi.org/10.1007/978-981-19-6414-5_1
Keywords Cyber Threat Intelligence, CTI, Information Sharing, Cybersecurity, Situational Awareness
Public URL http://researchrepository.napier.ac.uk/Output/2880543

Files

Practical Cyber Threat Intelligence In The UK Energy Sector (submitted Version) (890 Kb)
PDF


Practical Cyber Threat Intelligence In The UK Energy Sector (accepted version) (894 Kb)
PDF




You might also like



Downloadable Citations