Proactive Security Decision Support System informed by Cyber Threat Intelligence (PSDSS-CTI)

Abstract

This project will develop a proactive security decision supporting system that helps decision makers prioritise security investment within a changing threat landscape. This system will incorporate cyber threat intelligence and enable organisations to react timely to emerging threats, using tailored security solutions. It allows organisations to prioritise security actions subject to business constraints.

Timely Reaction to Emerging Threat
Cyber Threat Intelligence contains information about emerging threats and defence solutions. The system will take in threat intelligence from open source (e.g. UK/US CERT, NCSC, CISP) and feed it into decision-making processes. The decision-makers can then monitor the changing threat landscape and react to emerging threats timely and proactively.

Tailored Security Solution
Organisations may not react to the same threats in the same way due to their context difference (e.g. infrastructure, and business). Through measuring the relevance of the threats to the organisational individual context, this system will provide tailored security solutions to organisations, recommending whether a reaction is needed and what reactions to take.
Prioritised Security Actions & Security

Investment Trade-off
Organisation may not react to all emerging threats due to their business constraints (e.g. time, budget). This system will provide the organisations with a ranked list of threats and security solutions, recommending different decision strategies to satisfy organisations’ business constraints.

People

ORCID iD

Publications

10 25 50