Risk Management Using Cyber-Threat Information Sharing and Cyber-Insurance

被引：13

作者：

Tosh, Deepak K. ^{[1
]}

Shetty, Sachin ^{[2
]}

Sengupta, Shamik ^{[3
]}

Kesan, Jay P. ^{[4
]}

Kamhoua, Charles A. ^{[5
]}

机构：

[1] Norfolk State Univ, Dept Comp Sci, Norfolk, VA 23504 USA

[2] Old Dominion Univ, Virginia Modeling Anal & Simulat Ctr, Norfolk, VA 23529 USA

[3] Univ Nevada, Dept Comp Sci & Engn, Reno, NV 89557 USA

[4] Univ Illinois, Coll Law, Urbana, IL USA

[5] Air Force Res Lab, Cyber Assurance Branch, Rome, NY USA

来源：

GAME THEORY FOR NETWORKS (GAMENETS 2017) | 2017年 / 212卷

基金：

美国国家科学基金会;

关键词：

Cybersecurity information sharing; Cyber-insurance; Cyber-threat intelligence; Cyber Security Information Sharing Act (CISA);

D O I：

10.1007/978-3-319-67540-4_14

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Critical infrastructure systems spanning from transportation to nuclear operations are vulnerable to cyber attacks. Cyber-insurance and cyber-threat information sharing are two prominent mechanisms to defend cybersecurity issues proactively. However, standardization and realization of these choices have many bottlenecks. In this paper, we discuss the benefits and importance of cybersecurity information sharing and cyber-insurance in the current cyber-warfare situation. We model a standard game theoretic participation model for cybersecurity information exchange (CYBEX) and discuss the applicability of economic tools in addressing important issues related to CYBEX and cyber-insurance. We also pose several open research challenges, which need to be addressed for developing a robust cyber-risk management capability.

引用

页码：154 / 164

页数：11

共 50 条

[41] Secure and Robust Cyber Security Threat Information Sharing
Bkakria, Anis
Yaich, Reda
Arabi, Walid
FOUNDATIONS AND PRACTICE OF SECURITY, FPS 2021, 2022, 13291 : 3 - 18
[42] Cyber Threat Information Sharing: Perceived Benefits and Barriers
Zibak, Adam
Simpson, Andrew
14TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY (ARES 2019), 2019,
[43] A framework for using insurance for cyber-risk management
Gordon, LA
Loeb, MP
Sohail, T
COMMUNICATIONS OF THE ACM, 2003, 46 (03) : 81 - 85
[44] How the United States Constructs Cyber-Threat Scenarios
Schmoldt, Janine
PROCEEDINGS OF THE 14TH INTERNATIONAL CONFERENCE ON CYBER WARFARE AND SECURITY (ICCWS 2019), 2019, : 361 - 368
[45] Graph-theoretic characterization of cyber-threat infrastructures
Boukhtouta, Amine
Mouheb, Djedjiga
Debbabi, Mourad
Alfandi, Omar
Iqbal, Farkhund
El Barachi, May
DIGITAL INVESTIGATION, 2015, 14 : S3 - S15
[46] A scheme for the sticky policy representation supporting secure cyber-threat intelligence analysis and sharing
Osliak, Oleksii
Saracino, Andrea
Martinelli, Fabio
INFORMATION AND COMPUTER SECURITY, 2019, 26 (05) : 687 - 710
[47] PANACEA: a neural model ensemble for cyber-threat detection
AL-Essa, Malik
Andresini, Giuseppina
Appice, Annalisa
Malerba, Donato
MACHINE LEARNING, 2024, 113 (08) : 5379 - 5422
[48] Should Cyber-Insurance Providers Invest in Software Security?
Laszka, Aron
Grossklags, Jens
COMPUTER SECURITY - ESORICS 2015, PT I, 2015, 9326 : 483 - 502
[49] Will Cyber-Insurance Improve Network Security? A Market Analysis
Pal, Ranjan
Golubchik, Leana
Psounis, Konstantinos
Hui, Pan
2014 PROCEEDINGS IEEE INFOCOM, 2014, : 235 - 243
[50] The evolution of cyber-insurance industry and market: An institutional analysis
Kshetri, Nir
TELECOMMUNICATIONS POLICY, 2020, 44 (08)

← 1 2 3 4 5 →