short-paper

Anonymity vs. Trust in Cyber-Security Collaboration

Authors:

Stuart Murdoch,

Nick LeaverAuthors Info & Claims

WISCS '15: Proceedings of the 2nd ACM Workshop on Information Sharing and Collaborative Security

Pages 27 - 29

https://doi.org/10.1145/2808128.2808134

Published: 12 October 2015 Publication History

Get Access

Abstract

With the growing threat from overseas and domestic cyber attacks inter-organization cyber-security information sharing is an essential contributor to helping governments and industry to protect and defend their critical network infrastructure from attack. Encouraging collaboration directly impacts the defensive capabilities of all organizations involved in any cyber-information sharing community. A barrier to successful collaboration is the conflicting needs of collaborators to be able to both protect the source of their information for sensitivity, legal, or public relations reasons, but also to validate and trust the information shared with them. This paper uses as an example the UK government's Cyber-Security Information Sharing Partnership (CiSP), an online collaboration environment created by Surevine for sharing and collaborating on cyber-security information across UK industry and government. We discuss the organization and operating principles of the collaboration environment, how the community is structured, and the barriers to participation caused by the conflict between the need for anonymity versus the need to trust the information shared.

References

[1]

Kuchler, H. 2014. Cisco warns of 'unprecedented growth' in cyber attacks. FT.com http://on.ft.com/LiQyVD

Google Scholar

[2]

US-CERT Traffic Light Protocol (TLP): https://www.us-cert.gov/tlp

Google Scholar

[3]

CiSP terms and conditions: https://www.cert.gov.uk/wp-content/uploads/2014/08/UK-CISP-Terms-and-Conditions-v2.0-dated-1-August-2013.pdf

Google Scholar

[4]

The Chatham House Rule: http://www.chathamhouse.org/about/chatham-house-rule

Google Scholar

[5]

Nonaka, I., and Konno, N. The concept of "Ba": building a foundation for knowledge creation. California Management Review; Spring 98; Vol. 40 Issue 3, p 40.

Google Scholar

[6]

Krishnamurthy, S. On the intrinsic and extrinsic motivation of free/libre/open source (FLOSS) developers. Knowledge, Technology & Policy, Winter 2006, Vol. 18 No. 4, pp. 17--39.

Google Scholar

Cited By

View all

Jesus VBains BChang V(2024)Sharing Is Caring: Hurdles and Prospects of Open, Crowd-Sourced Cyber Threat IntelligenceIEEE Transactions on Engineering Management10.1109/TEM.2023.3279274(1-20)Online publication date: 2024
https://doi.org/10.1109/TEM.2023.3279274
Ho HKo RMazerolle LGilmour JMiao C(2024)Using Situational Crime Prevention (SCP)-C3 cycle and common inventory of cybersecurity controls from ISO/IEC 27002:2022 to prevent cybercrimesJournal of Cybersecurity10.1093/cybsec/tyae02010:1Online publication date: 19-Nov-2024
https://doi.org/10.1093/cybsec/tyae020
Yadav S(2024)Social botnets and the challenges of cyber situation awarenessAI and Ethics10.1007/s43681-024-00530-6Online publication date: 14-Aug-2024
https://doi.org/10.1007/s43681-024-00530-6
Show More Cited By

Index Terms

Anonymity vs. Trust in Cyber-Security Collaboration
1. Human-centered computing
  1. Collaborative and social computing
    1. Collaborative and social computing theory, concepts and paradigms
      1. Computer supported cooperative work
2. Social and professional topics
  1. Professional topics
    1. Computing and business
      1. Computer supported cooperative work

Recommendations

From information security to cyber security

The term cyber security is often used interchangeably with the term information security. This paper argues that, although there is a substantial overlap between cyber security and information security, these two concepts are not totally analogous. ...
Cyber Security and Trust
IC3K 2015: Proceedings of the International Joint Conference on Knowledge Discovery, Knowledge Engineering and Knowledge Management

Functions vital to society, such as public protection and disaster relief (PPDR), are increasingly dependent on networks, electricity and data processing infrastructure. Incidents such as natural hazards and organized crime do not respect national ...
Cyber-Security and Risk Management in an Interoperable World

The Internet facilitates a level of interoperability that generates considerable innovation and opportunity. Yet threats to governments, businesses, and individuals who use the Internet are increasing exponentially. This article deploys an ...

Comments

Information & Contributors

Information

Published In

WISCS '15: Proceedings of the 2nd ACM Workshop on Information Sharing and Collaborative Security

October 2015

84 pages

ISBN:9781450338226

DOI:10.1145/2808128

General Chair:
Indrajit Ray
Colorado State University, USA
,
Program Chairs:
Tomas Sander
HP, USA
,
Moti Yung
Columbia University and Google, USA

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 October 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Conference

CCS'15

Sponsor:

SIGSAC

CCS'15: The 22nd ACM Conference on Computer and Communications Security

October 12, 2015

Colorado, Denver, USA

Acceptance Rates

WISCS '15 Paper Acceptance Rate 6 of 16 submissions, 38%;

Overall Acceptance Rate 23 of 58 submissions, 40%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

17
Total Citations
View Citations
723
Total Downloads

Downloads (Last 12 months)70
Downloads (Last 6 weeks)6

Reflects downloads up to 23 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Jesus VBains BChang V(2024)Sharing Is Caring: Hurdles and Prospects of Open, Crowd-Sourced Cyber Threat IntelligenceIEEE Transactions on Engineering Management10.1109/TEM.2023.3279274(1-20)Online publication date: 2024
https://doi.org/10.1109/TEM.2023.3279274
Ho HKo RMazerolle LGilmour JMiao C(2024)Using Situational Crime Prevention (SCP)-C3 cycle and common inventory of cybersecurity controls from ISO/IEC 27002:2022 to prevent cybercrimesJournal of Cybersecurity10.1093/cybsec/tyae02010:1Online publication date: 19-Nov-2024
https://doi.org/10.1093/cybsec/tyae020
Yadav S(2024)Social botnets and the challenges of cyber situation awarenessAI and Ethics10.1007/s43681-024-00530-6Online publication date: 14-Aug-2024
https://doi.org/10.1007/s43681-024-00530-6
Safitra MLubis MFakhrurroja H(2023)Counterattacking Cyber Threats: A Framework for the Future of CybersecuritySustainability10.3390/su15181336915:18(13369)Online publication date: 6-Sep-2023
https://doi.org/10.3390/su151813369
Jollès EGillard SPercia David DStrohmeier MMermoud A(2023)Building Collaborative Cybersecurity for Critical Infrastructure Protection: Empirical Evidence of Collective Intelligence Information Sharing Dynamics on ThreatFoxCritical Information Infrastructures Security10.1007/978-3-031-35190-7_10(140-157)Online publication date: 8-Jun-2023
https://doi.org/10.1007/978-3-031-35190-7_10
Fischer PGillard S(2023)Next Generation ISACs: Simulating Crowdsourced Intelligence for Faster Incident ResponseCyberdefense10.1007/978-3-031-30191-9_4(49-66)Online publication date: 20-Sep-2023
https://doi.org/10.1007/978-3-031-30191-9_4
Zibak ASauerwein CSimpson A(2022)Threat Intelligence Quality Dimensions for Research and PracticeDigital Threats: Research and Practice10.1145/34842023:4(1-22)Online publication date: 10-Mar-2022
https://dl.acm.org/doi/10.1145/3484202
Brilingaitė ABukauskas LJuozapavičius AKutka E(2022)Overcoming information-sharing challenges in cyber defence exercisesJournal of Cybersecurity10.1093/cybsec/tyac0018:1Online publication date: 28-Jan-2022
https://doi.org/10.1093/cybsec/tyac001
Dunnett KPal SJadidi Z(2022)Challenges and Opportunities of Blockchain for Cyber Threat Intelligence SharingSecure and Trusted Cyber Physical Systems10.1007/978-3-031-08270-2_1(1-24)Online publication date: 3-Sep-2022
https://doi.org/10.1007/978-3-031-08270-2_1
Sauerwein CFischer DRubsamen MRosenberger GStelzer DBreu R(2021)From Threat Data to Actionable Intelligence: An Exploratory Analysis of the Intelligence Cycle Implementation in Cyber Threat Intelligence Sharing PlatformsProceedings of the 16th International Conference on Availability, Reliability and Security10.1145/3465481.3470048(1-9)Online publication date: 17-Aug-2021
https://dl.acm.org/doi/10.1145/3465481.3470048
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

From information security to cyber security

Cyber Security and Trust

Cyber-Security and Risk Management in an Interoperable World