Building a Resilient Cybersecurity Posture: A Framework for Leveraging
Prevent, Detect and Respond Functions and Law Enforcement Collaboration
- URL: http://arxiv.org/abs/2303.10874v1
- Date: Mon, 20 Mar 2023 05:16:54 GMT
- Title: Building a Resilient Cybersecurity Posture: A Framework for Leveraging
Prevent, Detect and Respond Functions and Law Enforcement Collaboration
- Authors: Francesco Schiliro
- Abstract summary: This research paper compares and contrasts the CyRLEC Framework with the NIST Cybersecurity Framework.
The CyRLEC Framework takes a broader view of cybersecurity, including proactive prevention, early detection, rapid response to cyber-attacks, and close collaboration with law enforcement agencies.
- Score: 0.0
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: This research paper proposes a framework for building a resilient
cybersecurity posture that leverages prevent, detect, and respond functions and
law enforcement collaboration. The Cybersecurity Resilience and Law Enforcement
Collaboration (CyRLEC) Framework is designed to provide a comprehensive and
integrated approach to cybersecurity that emphasizes collaboration with law
enforcement agencies to mitigate cyber threats. The paper compares and
contrasts the CyRLEC Framework with the NIST Cybersecurity Framework and
highlights the critical differences between the two frameworks. While the NIST
framework focuses on managing cybersecurity risk, the CyRLEC Framework takes a
broader view of cybersecurity, including proactive prevention, early detection,
rapid response to cyber-attacks, and close collaboration with law enforcement
agencies to investigate and prosecute cybercriminals. The paper also provides a
case study of a simulated real-world implementation of the CyRLEC Framework and
evaluates its effectiveness in improving an organization's cybersecurity
posture. The research findings demonstrate the value of the CyRLEC Framework in
enhancing cybersecurity resilience and promoting effective collaboration with
law enforcement agencies. Overall, this research paper contributes to the
growing knowledge of cybersecurity frameworks and provides practical insights
for organizations seeking to improve their cybersecurity posture.
Related papers
- Assessing The Effectiveness Of Current Cybersecurity Regulations And Policies In The US [0.0]
The study evaluates the impact of these regulations on different sectors and analyzes trends in cybercrime data from 2000 to 2022.
The findings highlight the challenges, successes, and the need for continuous adaptation in the face of evolving cyber threats.
arXiv Detail & Related papers (2024-04-17T15:26:55Z) - A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z) - A Comprehensive Analytical Review on Cybercrime in West Africa [0.0]
West-Africa countries face significant cybercrime challenges, exacerbated by inadequate resources and a dearth of security experts.
This study pinpoints potential cybercrime prevention strategies, such as leveraging the Triage framework.
Our research findings highlight the urgency for policymakers and law enforcement agencies to devise more efficient prevention strategies.
arXiv Detail & Related papers (2024-01-07T23:36:43Z) - Cyber Insurance for Cyber Resilience [13.712257570488756]
This chapter presents a review of the quantitative cyber insurance design framework.
It builds on the correlation between state-of-the-art attacker vectors and defense mechanisms.
Using the modern techniques in quantifying the risk preferences of individuals, we link the economic impacts of perception manipulation with moral hazard.
arXiv Detail & Related papers (2023-12-05T17:50:34Z) - A Systematization of Cybersecurity Regulations, Standards and Guidelines
for the Healthcare Sector [5.121113572240309]
This paper contributes a systematization of the significant cybersecurity documents relevant to the healthcare sector.
We collected the 49 most significant documents and used the NIST cybersecurity framework to categorize key information.
arXiv Detail & Related papers (2023-04-28T16:19:21Z) - Graph Mining for Cybersecurity: A Survey [61.505995908021525]
The explosive growth of cyber attacks nowadays, such as malware, spam, and intrusions, caused severe consequences on society.
Traditional Machine Learning (ML) based methods are extensively used in detecting cyber threats, but they hardly model the correlations between real-world cyber entities.
With the proliferation of graph mining techniques, many researchers investigated these techniques for capturing correlations between cyber entities and achieving high performance.
arXiv Detail & Related papers (2023-04-02T08:43:03Z) - The Opportunity to Regulate Cybersecurity in the EU (and the World):
Recommendations for the Cybersecurity Resilience Act [1.2691047660244335]
Safety is becoming cybersecurity under most circumstances.
This should be reflected in the Cybersecurity Resilience Act when it is proposed and agreed upon in the European Union.
It is based on what the cybersecurity research community for long have asked for, and on what constitutes clear hard legal rules instead of soft.
arXiv Detail & Related papers (2022-05-26T07:20:44Z) - Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the
Age of AI-NIDS [70.60975663021952]
We study blackbox adversarial attacks on network classifiers.
We argue that attacker-defender fixed points are themselves general-sum games with complex phase transitions.
We show that a continual learning approach is required to study attacker-defender dynamics.
arXiv Detail & Related papers (2021-11-23T23:42:16Z) - A System for Efficiently Hunting for Cyber Threats in Computer Systems
Using Threat Intelligence [78.23170229258162]
We build ThreatRaptor, a system that facilitates cyber threat hunting in computer systems using OSCTI.
ThreatRaptor provides (1) an unsupervised, light-weight, and accurate NLP pipeline that extracts structured threat behaviors from unstructured OSCTI text, (2) a concise and expressive domain-specific query language, TBQL, to hunt for malicious system activities, and (3) a query synthesis mechanism that automatically synthesizes a TBQL query from the extracted threat behaviors.
arXiv Detail & Related papers (2021-01-17T19:44:09Z) - Enabling Efficient Cyber Threat Hunting With Cyber Threat Intelligence [94.94833077653998]
ThreatRaptor is a system that facilitates threat hunting in computer systems using open-source Cyber Threat Intelligence (OSCTI)
It extracts structured threat behaviors from unstructured OSCTI text and uses a concise and expressive domain-specific query language, TBQL, to hunt for malicious system activities.
Evaluations on a broad set of attack cases demonstrate the accuracy and efficiency of ThreatRaptor in practical threat hunting.
arXiv Detail & Related papers (2020-10-26T14:54:01Z) - Adversarial Machine Learning Attacks and Defense Methods in the Cyber
Security Domain [58.30296637276011]
This paper summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques.
It is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain.
arXiv Detail & Related papers (2020-07-05T18:22:40Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.