Beyond Defense: Proactive Approaches to Disaster Recovery and Threat Intelligence in Modern Enterprises

DOI: 10.4236/jis.2024.152008, PP. 106-133

Keywords: Advanced Persistent Threats (APT), Attack Phases, Attack Surface, Defense-in-Depth, Disaster Recovery (DR), Incident Response Plan (IRP), Intrusion Detection Systems (IDS), Intrusion Prevention System (IPS), Key Risk Indicator (KRI), Layered Defense, Lockheed Martin Kill Chain, Proactive Defense, Redundancy, Risk Management, Threat Intelligence

Abstract:

As cyber threats keep changing and business environments adapt, a comprehensive approach to disaster recovery involves more than just defensive measures. This research delves deep into the strategies required not only to respond to threats but also to anticipate and mitigate them proactively. Beginning with understanding the critical need for a layered defense and the intricacies of the attacker’s journey, the research offers insights into specialized defense techniques, emphasizing the importance of timely and strategic responses during incidents. Risk management is brought to the forefront, underscoring businesses’ need to adopt mature risk assessment practices and understand the potential risk impact areas. Additionally, the value of threat intelligence is explored, shedding light on the importance of active engagement within sharing communities and the vigilant observation of adversary motivations. “Beyond Defense: Proactive Approaches to Disaster Recovery and Threat Intelligence in Modern Enterprises” is a comprehensive guide for organizations aiming to fortify their cybersecurity posture, marrying best practices in proactive and reactive measures in the ever-challenging digital realm.

