The Application of Analytics in Cyber Threat Intelligence

Streaming Media

Mentor Information

Clinton Daniel (Muma College of Business)

Description

As society ventures deeper into a technologically dependent realm, the need for cybersecurity continues to increase. The rapid increase in cyber threats calls for a streamlined efficient process that put potential targets one step ahead of threat actors. While cybersecurity continues to evolve, there is still room for improvement within the methods executed throughout the threat detection process. The evolution of cybersecurity has inspired the creation of security operation centers (SOCs) that are primarily put in place to monitor, prevent, and investigate active threats within an organization. Due to the significant amount of information collected and generated by the SOC it is often difficult to thoroughly examine all the data without any human error. In addition to this, it often slows the process of turning information into intelligence necessary to make important discoveries. Certain patterns, trends, and common methods can be difficult to spot and digest on a surface level. To combat this weakness and capitalize on information available, the application of analytics within cyber threat intelligence provides promising results with the right techniques. This thesis explores the application of analytics in cyber threat intelligence through a comprehensive case study of a security operations center and the data collected. This thesis will also seek to identify opportunities where data analytics can be implemented, determine how data analytics can be applied, and conclude on the comparative advantage if enforced.

This document is currently not available here.

Share

COinS
 

The Application of Analytics in Cyber Threat Intelligence

As society ventures deeper into a technologically dependent realm, the need for cybersecurity continues to increase. The rapid increase in cyber threats calls for a streamlined efficient process that put potential targets one step ahead of threat actors. While cybersecurity continues to evolve, there is still room for improvement within the methods executed throughout the threat detection process. The evolution of cybersecurity has inspired the creation of security operation centers (SOCs) that are primarily put in place to monitor, prevent, and investigate active threats within an organization. Due to the significant amount of information collected and generated by the SOC it is often difficult to thoroughly examine all the data without any human error. In addition to this, it often slows the process of turning information into intelligence necessary to make important discoveries. Certain patterns, trends, and common methods can be difficult to spot and digest on a surface level. To combat this weakness and capitalize on information available, the application of analytics within cyber threat intelligence provides promising results with the right techniques. This thesis explores the application of analytics in cyber threat intelligence through a comprehensive case study of a security operations center and the data collected. This thesis will also seek to identify opportunities where data analytics can be implemented, determine how data analytics can be applied, and conclude on the comparative advantage if enforced.