A Cyberthreat Search Process and Service

Yogesh Bhanu, Sebastian Dännart, Henning von Kielpinski, Alexander Laux, Ulrike Lechner, Tobias Lehmann, Andreas Rieb, Martin Riedl, Florian Wolf

Abstract

Searching for IT-Security related information should be a standardized and/or partially automated process. This position paper presents a literature review that depicts a reference process design and the design of a tool to support search and analysis of IT-security related information.

References

  1. Anon, 2012. IT-Sicherheitsniveau in kleinen und mittleren Unternehmen. Studie im Auftrag des Bundesministerium für Wirtschaft und Technologie, Available at: www.bmwi.de/DE/Mediathek/ publikationen,did=525400.html.
  2. Awad, W. S., El-Alfy, E. S. M. & Al-Bastaki, Y., 2015. Improving Information Security Practices through Computational Intelligence, IGI-Global.
  3. Battistella, C. & De Toni, A. F., 2011. A methodology of technological foresight: A proposal and field study. Technological Forecasting and Social Change, 78(6), pp.1029-1048.
  4. Blugurcu, B., Cavusoglu, H. & Benbasat, I., 2010. Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness. MISQ, 34(3), pp.523-548.
  5. Boote, D. N. & Beile, P., 2005. Scholars Before Researchers: On the Centrality of the Dissertation Literature Review in Research Preparation. Educational Researcher, 34(6), pp.3-15.
  6. Bundesamt für Sicherheit in der Informationstechnik, 2015. Die Lage der IT-Sicherheit in Deutschland 2015. Informationstechnik.
  7. Dännart, S., Laux, A., Lechner, U. & Riedl, M., 2016. Suche nach IT-Sicherheitsinformationen - Ein Referenzmodell. In Konferenzband Multikonferenz Wirtschaftsinformatik 2016 (To appear). Ilmenau.
  8. van der Duin, P., Heger, T. & Schlesinger, M. D., 2014. Toward networked foresight? Exploring the use of futures research in innovation networks. Futures, 59, pp.62-78.
  9. Geschonneck, A., Fritzsche, T. & Weiand, D.K., 2013. eCrime - Computerkriminalität in der deutschen Wirtschaft mit Kennzahlen für Österreich und Schweiz, Available at: www.tnsemnid.com/ politik_und_sozialforschung/pdf/Studie_e-Crime2012.pdf.
  10. Harten, C. et al., 2014. Towards an Awareness Gap on Cybercrime - an Empirical Analysis of the Perceived Threat Level and Implemented IT Security Measures in Companies. In D. Kundisch, L. Suhl, & L. Beckmann, eds. MKWI 2014 Multikonferenz Wirtschaftsinformatik. pp. 533-546.
  11. Johnston, A. C. & Warkentin, M., 2010. Fear Appeals and information Security Behaviors: An Empirical Study. MISQ, 34(3), pp.549-566.
  12. Keller, J. & von der Gracht, H. a., 2014. The influence of information and communication technology (ICT) on future foresight processes - Results from a Delphi survey. Technological Forecasting and Social Change, 85, pp.81-92.
  13. Loch, K. D., Carr, H. H. & Warketing, M. E., 1992. Threats to Information Systems?: Today's Reality, Yesterday's Understanding Evolution of Computer Security. MISQ, (June), pp.173-187.
  14. Mahmood, M. A. et al., 2010. Moving toward Black Hat Research in Information Systems Security: An Editorial Introduction to the special issue. MISQ, 34(3), pp.431-433.
  15. Oertl, A., Heiss, M. & Homma, C., 2014. The Iterative Involvement of internal Experts into the Technology Scouting Process a Siemens case study. pp.1-6.
  16. Pfleeger, S. L. & Caputo, D. D., 2012. Leveraging behavioral science to mitigate cyber security risk. Computers & Security, 31(4), pp.597-611.
  17. Randolph, J. J., 2009. A Guide to Writing the Dissertation Literature Review. Practical Assessment, Research & Evaluation, 14(13).
  18. Roberts, T. L. et al., 2013. Insiders Protection of Organizational Information Assets: Development of a Systematcs-Based Taxonomy and Theory of Diversity for Protection Motivated Behaviors. MISQ, 37(4), pp.1189-1210.
  19. Rohrbeck, R., 2010. Harnessing a network of experts for competitive advantage: technology scouting in the ICT industry. R&D Management, 40(2), pp.169-180.
  20. Rohrbeck, R., Thom, N. & Arnold, H., 2013. Technological Forecasting & Social Change IT tools for foresight?: The integrated insight and response system of Deutsche Telekom Innovation Laboratories. Technological Forecasting & Social Change.
  21. Sarpong, D., Maclean, M. & Davies, C., 2013. A matter of foresight: How practices enable (or impede) organizational foresightfulness. European Management Journal, 31(6), pp.613-625.
  22. Siponen, M. & Vance, A., 2010. Neutralization: New Insights into the problem of employee information systems security policy violations. MISQ, 34(3), pp.487-502.
  23. Spears, J. L. & Barki, H., 2010. User Participation in Information Security Risk Management. MISQ, 34(3), pp.503-522.
  24. Vishnevskiy, K., Karasev, O. & Meissner, D., 2014. Integrated roadmaps and corporate Foresight as tools of innovation management: The case of Russian companies. Technological Forecasting and Social Change.
  25. Ward, D. et al., 2014. Trust building and the European research network for critical infrastructure protection community. International Journal of Critical Infrastructure Protection.
  26. Webster, J. & Watson, R.T., 2002. Analyzing the Past to Prepare for the Future: Writing a Literature Review. MISQ, 26(2), pp.13-23. A.
  27. Wolff, M. F., 1992. Scouting for Technology. ResearchTechnology Management, 35(2), p.10.
Download


Paper Citation


in Harvard Style

Bhanu Y., Dännart S., von Kielpinski H., Laux A., Lechner U., Lehmann T., Rieb A., Riedl M. and Wolf F. (2016). A Cyberthreat Search Process and Service . In Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-167-0, pages 528-535. DOI: 10.5220/0005806605280535


in Bibtex Style

@conference{icissp16,
author={Yogesh Bhanu and Sebastian Dännart and Henning von Kielpinski and Alexander Laux and Ulrike Lechner and Tobias Lehmann and Andreas Rieb and Martin Riedl and Florian Wolf},
title={A Cyberthreat Search Process and Service},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2016},
pages={528-535},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005806605280535},
isbn={978-989-758-167-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - A Cyberthreat Search Process and Service
SN - 978-989-758-167-0
AU - Bhanu Y.
AU - Dännart S.
AU - von Kielpinski H.
AU - Laux A.
AU - Lechner U.
AU - Lehmann T.
AU - Rieb A.
AU - Riedl M.
AU - Wolf F.
PY - 2016
SP - 528
EP - 535
DO - 10.5220/0005806605280535