Security professionals face with number of risks in area of cybersecurity every day. It is impossible to be on every place, all the times and protect of all possible attacks and attack methods. They need to balance risk and strike right point between investment and level of risk which is acceptable by their businesses.
Cybersecurity professionals use set of processes, methods, tools etc. to perform their work. Among other things, they use threat intelligences sources of information which can help them do their work better. Number of sources is huge; their confidence and reputation can vary. Consolidating this information in more structured manner, easier to “digest” and act on is one of issues. Also, confidence of sources is often questionable.
Goal of system is to improve ways to predict future threats and attacks, with certain probability and confidence, is one of real problems in cybersecurity. It can help to focus on: specific areas, goals of attacks, attack methods, times of attacks, origins etc.
Use crowdsourced threat intelligence to predict security attacks is promising area. Sometimes it is called wisdom of crowds. Gathering information from multiple widespread sources can help with better predictions.
These predictions can bi distributed to subscribers as data feeds or similar way based on chosen method (paid, free or combined).
People who contribute predictions can be rewarded in different ways: tokens, money, confidence score and/or status.
Open questions:
Two types of contributors of predictions:
General crowd
Security experts
Go to bigger community or to expert community primarily? Or create quality from quantity based on achieved confident score?
Risk: Can people make predictions happed artificially i.e. influence outcomes to get reward and how to protect from that type of fraud?
Another set of questions:
How to attract visitors to post their predictions
How to make it reputable source
How to make it popular and increase number of visitors
How to attract subscribers
What will be payment methods
How to structure rewards
How to structure subscriptions
Security professionals face with number of risks in area of cybersecurity every day. It is impossible to be on every place, all the times and protect of all possible attacks and attack methods. They need to balance risk and strike right point between investment and level of risk which is acceptable by their businesses. Cybersecurity professionals use set of processes, methods, tools etc. to perform their work. Among other things, they use threat intelligences sources of information which can help them do their work better. Number of sources is huge; their confidence and reputation can vary. Consolidating this information in more structured manner, easier to “digest” and act on is one of issues. Also, confidence of sources is often questionable. Goal of system is to improve ways to predict future threats and attacks, with certain probability and confidence, is one of real problems in cybersecurity. It can help to focus on: specific areas, goals of attacks, attack methods, times of attacks, origins etc.
Use crowdsourced threat intelligence to predict security attacks is promising area. Sometimes it is called wisdom of crowds. Gathering information from multiple widespread sources can help with better predictions. These predictions can bi distributed to subscribers as data feeds or similar way based on chosen method (paid, free or combined). People who contribute predictions can be rewarded in different ways: tokens, money, confidence score and/or status.
Open questions: Two types of contributors of predictions: General crowd Security experts Go to bigger community or to expert community primarily? Or create quality from quantity based on achieved confident score? Risk: Can people make predictions happed artificially i.e. influence outcomes to get reward and how to protect from that type of fraud? Another set of questions: How to attract visitors to post their predictions How to make it reputable source How to make it popular and increase number of visitors How to attract subscribers What will be payment methods How to structure rewards How to structure subscriptions