Utilization and Sharing of Cyber Threat Intelligence Produced by Open-Source Intelligence

Authors

  • Jyri Rajamäki Laurea University of Applied Sciences
  • Stephen McMenamin

DOI:

https://doi.org/10.34190/iccws.19.1.2069

Keywords:

OSINT, cyber threat intelligence, cyber information sharing, DYNAMO project

Abstract

Open-source intelligence (OSINT) is crucial for enhancing organizational cybersecurity by proactively identifying and mitigating potential threats using publicly available information. This study, part of the DYNAMO project, explores the production of cyber threat information (CTI) through OSINT, its application in safeguarding against cyber threats, and the necessary elements for secure information exchange between organizations. The authors employed an integrative literature review of various sources, including industry literature, articles, blog posts, studies, and organizational websites, which were then systematically analyzed using content analysis. The research focuses on OSINT tools and techniques emphasizing the need for expertise in discerning relevant data and respecting privacy rights. Human judgment is highlighted as crucial in ethical decision-making despite the significant role of technology in data collection. Platforms like the Malware Information Sharing Platform (MISP) facilitate the sharing of threat information, promoting prevention and identification of cyber-attacks. Ethical considerations, adherence to data protection legislation, and compliance with directives like the revision of the Network and Information Security Directive (NIS2) and artificial intelligence regulations are paramount. In conclusion, OSINT is a valuable tool for cybersecurity, requiring expertise, transparent processes, and a balanced integration of technology and human skills. The ethical dimensions of OSINT and the role of artificial intelligence merit separate in-depth studies.

Author Biography

Jyri Rajamäki, Laurea University of Applied Sciences

Dr Jyri Rajamäki, Adjunct professor of Cybersecurity and Critical Infrastructure Protection, has 35 years of experience in the ICT field.  Currently, he contributes to several EU-funded research projects, research interests being resilient CPSs and ethical governance of safety-critical and/or classified information. Dr Rajamäki has authored more than 200 scientific publications.

Downloads

Published

2024-03-21