Scalable Security: Cyber Threat Information Sharing in the Internet Age
Abstract/Contents
- Abstract
The federal government has attempted to foster cyber threat information sharing within U.S. critical infrastructure industries for at least 16 years. Such efforts have produced today’s complex constellation of threat analysis centers and sharing organizations in various industries and government agencies, but have brought inconsistent observed improvement in cybersecurity outcomes. Meanwhile, successful but limited sharing relationships have formed separately among private companies and individuals. Objections to information sharing that are raised in the literature and press fall into a limited number of categories, each of which can be refuted relatively easily; the problem is therefore better viewed as a problem of insufficient perceived benefits rather than prohibitive costs.
While history demonstrates that sharing is a powerful tool for addressing collective threats, new analysis is clearly needed to explain why effective cyber sharing seems so difficult to accomplish effectively.
The Computational Policy analytical approach defined herein brings the power of the abstractions used in computer systems design to bear on difficult policy problems, allowing new analytical insights to inform policy choices.
Using this approach and new understanding of the cybersecurity threat landscape, analyses of three archetypal sharing designs—the watch floor, social network, and high-volume data sharing models—are presented and aspects of the current system are questioned.
Cybersecurity programs centered on human analysis are at a disadvantage as networks continue to grow; approaches which harness the power of algorithmic thinking and ever-growing computational resources have better hope of succeeding in the Internet Age.
Description
Type of resource | text |
---|---|
Date created | May 23, 2014 |
Creators/Contributors
Author | Gilbert, Connor | |
---|---|---|
Primary advisor | Berson, Thomas A. | |
Advisor | Hellman, Martin E. |
Subjects
Subject | computer security |
---|---|
Subject | cybersecurity |
Subject | cyber security |
Subject | information sharing |
Subject | cyber threat information sharing |
Subject | cybersecurity information sharing |
Subject | cyber threat sharing |
Subject | cyber defense sharing |
Subject | sharing |
Subject | cyber |
Subject | computer network defense |
Subject | Computer Science |
Subject | CS |
Subject | Center for International Security and Cooperation |
Subject | CISAC |
Subject | Freeman Spogli Institute for International Studies |
Subject | FSI |
Genre | Thesis |
Bibliographic information
Access conditions
- Use and reproduction
- User agrees that, where applicable, content will not be used to identify or to otherwise infringe the privacy or confidentiality rights of individuals. Content distributed via the Stanford Digital Repository may be subject to additional license and use restrictions applied by the depositor.
- License
- This work is licensed under a Creative Commons Attribution Non Commercial 3.0 Unported license (CC BY-NC).
Collection
Stanford University, Center for International Security and Cooperation, Interschool Honors Program in International Security Studies, Theses
View other items in this collection in SearchWorksContact information
- Contact
- connorg@cs.stanford.edu
Also listed in
Loading usage metrics...