Alan Paice
Practical Cyber Threat Intelligence in the UK Energy Sector
Paice, Alan; McKeown, Sean
Abstract
The UK energy sector is a prime target for cyber-attacks by foreign states, criminals, ‘hacktivist’ groups, and terrorists. As Critical National Infrastructure (CNI), the industry needs to understand the threats it faces to mitigate risks and make efficient use of limited resources. Cyber Threat Intelligence (CTI) sharing is one means of achieving this, by leveraging sector-wide knowledge to combat ongoing mutual threats. However, being unable to segregate intelligence or to control what is disseminated to which parties, and by which means, has impeded industry cooperation thus far. The purpose of this study is to investigate the barriers to sharing and to add to the body of knowledge of CTI in the UK energy sector, while providing some level of assurance that existing tooling is fit-for-purpose. We achieve these aims by conducting a multivocal literature review and by experimentation using a simulated Malware Information Sharing Platform (MISP) community in a virtual environment. This work demonstrates that trust can be placed in the open-source MISP platform, with the caveat that the sharing models and tooling limitations are understood, while also taking care to create appropriate deployment taxonomies and sharing rules. It is hoped that some of the identified barriers are partially alleviated, helping to lay the foundations for a UK Energy sector CTI sharing community.
Citation
Paice, A., & McKeown, S. (2023). Practical Cyber Threat Intelligence in the UK Energy Sector. In Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media (3-23). https://doi.org/10.1007/978-981-19-6414-5_1
| Conference Name | International Conference on Cybersecurity, Situational Awareness and Social Media (Cyber Science 2022) |
|---|---|
| Conference Location | Cardiff Metropolitan University, Wales |
| Start Date | Jun 20, 2022 |
| End Date | Jun 21, 2022 |
| Acceptance Date | May 2, 2022 |
| Online Publication Date | Mar 8, 2023 |
| Publication Date | 2023-03 |
| Deposit Date | Jun 20, 2022 |
| Publicly Available Date | Mar 9, 2024 |
| Publisher | Springer |
| Pages | 3-23 |
| Series Title | Springer Proceedings in Complexity |
| Series ISSN | 2213-8692 |
| Book Title | Proceedings of the International Conference on Cybersecurity, Situational Awareness and Social Media |
| ISBN | 978-981-19-6413-8 |
| DOI | https://doi.org/10.1007/978-981-19-6414-5_1 |
| Keywords | Cyber Threat Intelligence, CTI, Information Sharing, Cybersecurity, Situational Awareness |
| Public URL | http://researchrepository.napier.ac.uk/Output/2880543 |
Files
Practical Cyber Threat Intelligence In The UK Energy Sector (accepted version)
(894 Kb)
PDF
Practical Cyber Threat Intelligence In The UK Energy Sector (submitted Version)
(890 Kb)
PDF
You might also like
Hamming Distributions of Popular Perceptual Hashing Techniques
(2023)
Journal Article
A forensic analysis of streaming platforms on Android OS
(2022)
Journal Article
Microtargeting or Microphishing? Phishing Unveiled
(2020)
Conference Proceeding
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search