Litcius/Paper detail

Improving Threat Mitigation Through a Cybersecurity Risk Management Framework: A Computational Design Science Approach

Benjamin Ampel, Sagar Samtani, Hongyi Zhu, Hsinchun Chen, Jay F. Nunamaker

2024Journal of Management Information Systems31 citationsDOIOpen Access PDF

Abstract

Cyberattacks have been increasing in volume and intensity, necessitating proactive measures. Cybersecurity risk management frameworks are deployed to provide actionable intelligence to mitigate potential threats by analyzing the available cybersecurity data. Existing frameworks, such as MITRE ATT&CK, provide timely mitigation strategies against attacker capabilities yet do not account for hacker data when developing cyber threat intelligence. Therefore, we developed a novel information technology artifact, ATT&CK-Link, which incorporates a novel transformer and multi-teacher knowledge distillation design, to link hacker threats to this broadly used framework. Here, we illustrated how hospital systems can use this framework to proactively protect their cyberinfrastructure against hacker threats. Our ATT&CK-Link framework has practical implications for cybersecurity professionals, who can implement our framework to generate strategic, operational, and tactical cyber threat intelligence. ATT&CK-Link also contributes to the information systems knowledge base by providing design principles to pursue targeted cybersecurity analytics, risk management, and broader text analytics research through simultaneous multi-modal (e.g., text and code) distillation and classification.

Topics & Concepts

HackerComputer scienceComputer securityAnalyticsRisk managementRisk management frameworkDesign scienceDesign science researchRisk analysis (engineering)Data scienceInformation systemKnowledge managementRisk assessmentEngineeringBusinessIT risk managementElectrical engineeringFinanceInformation and Cyber SecurityData Quality and ManagementCybercrime and Law Enforcement Studies