Collaborative Cyber Threat Information Sharing Framework for Collective Cyber Defense in Ethiopia

Date

2024-10

Publisher

Addis Ababa University

Abstract

The rapid development of information technology and digitalization has posed a significant challenge to organizations by expanding the attack surface for sophisticated cyber threats. Ordinary security solutions used by organizations, such as endpoint detection systems, intrusion detection systems, and security information and event management systems, are no longer sufficient to address the complexity of these cyber threats. Collaborative approaches to collective cyber defense through sharing threat information are crucial for organizations to proactively defend against the increasing number and complexity of security incidents in the rapidly evolving cyber threat landscape. To improve the current poor culture of collaboration in threat information sharing among stakeholders in Ethiopia, this research proposes an innovative national collaborative threat information sharing framework. This framework includes three essential components: (1) a collaboration structure employing a hybrid CTI (cyber threat information) sharing model that integrates both peer-to-peer and hub-and-spoke models to optimize information sharing among stakeholders; (2) a collaboration process inspired by the intelligence lifecycle and aligned with the NIST (National Institute of Standards and Technology) Cybersecurity Framework for efficient threat information sharing; and (3) a collaboration governance component addressing key CTI sharing governance concerns, including legal and regulatory compliance, privacy and security protocols, partnership strategies, training and awareness initiatives, and trust-building measures. This framework is developed for the specific context and legal landscape of Ethiopia, with the aim of ensuring the effectiveness of CTI sharing.

Keywords

cyber security, cyber threat, cyber threat information sharing, framework, indicators of compromise