Reference Model to Identify the Maturity Level of Cyber Threat Intelligence on the Dark Web
Average rating
Cast your vote
You can rate an item by clicking the amount of stars they wish to award to this item.
When enough users have cast their vote on this item, the average rating will also be shown.
Star rating
Your vote was cast
Thank you for your feedback
Thank you for your feedback
Issue Date
2021-01-01Keywords
Cyber threat intelligenceCybersecurity
Dark web
Maturity model
Information assets
Intelligence tool
Maturity levels
Reference modeling
Technology managers
Metadata
Show full item recordJournal
Smart Innovation, Systems and TechnologiesDOI
10.1007/978-3-030-57548-9_15Additional Links
https://www.scopus.com/record/display.uri?eid=2-s2.0-85098151594&doi=10.1007%2f978-3-030-57548-9_15&origin=inward&txGid=e2613bebe1265409308d5eb2634d2ffeAbstract
In this article, we propose a reference model to identify the maturity level of the cyber intelligence threat process. This proposal considers the dark web as an important source of cyber threats causing a latent risk that organizations do not consider in their cybersecurity strategies. The proposed model aims to increase the maturity level of the process through a set of proposed controls according to the information found on the dark web. The model consists of three phases: (1) Identification of information assets using cyber threat intelligence tools. (2) Diagnosis of the exposure of information assets. (3) Proposal of controls according to the proposed categories and criteria. The validation of the proposal was carried out in an insurance institution in Lima, Peru, with data obtained by the institution. The measurement was made with artifacts that allowed to obtain an initial value of the current panorama of the company. Preliminary results showed 196 emails and passwords exposed on the dark web of which one corresponded to the technology manager of the company under evaluation. With this identification, it was diagnosed that the institution was at a “Normal” maturity level, and from the implementation of the proposed controls, the “Advanced” level was reached.Type
OtherRights
info:eu-repo/semantics/openAccessLanguage
engDescription
El texto completo de este trabajo no está disponible en el Repositorio Académico UPC por restricciones de la casa editorial donde ha sido publicado.ISSN
21903018EISSN
21903026ae974a485f413a2113503eed53cd6c53
10.1007/978-3-030-57548-9_15
Scopus Count
Collections