Research Article · Journal of Information Technology Management and Business Horizons

Volume 1, Issue 1 · 21 August 2024

ISSN: 3067-5308 · E-ISSN: 3067-5316

Intelligence-driven Risk Management in Information Security Systems

Anamika Tiwari, Md Imran Sarkar, Abdullah Al Sakib

Anamika Tiwari: Department of Business Administration, Westcliff University, Irvine, CA 92614, USA
Md Imran Sarkar: Department of Information Technology, Westcliff University, Irvine, CA 92614, USA
Abdullah Al Sakib: Department of Information Technology, Westcliff University, Irvine, CA 92614, USA

Article ID: jitmbh24003

Abstract

The task of making decisions in information security, when faced with unclear probabilities and unforeseen consequences of events in the constantly evolving cyber threat landscape, has gained significant importance. Cyber threat intelligence equips decision-makers with essential information and context to comprehend and predict future threats, hence minimizing ambiguity and enhancing the precision of risk assessments. Addressing uncertainty in decision-making demands the adoption of a new methodology led by threat intelligence (TI) and a risk analysis approach. This is a crucial aspect of evidence-based decision-making. Our proposed solution to this difficulty involves the implementation of a TI-based security assessment methodology and a decision-making strategy that takes into account both known unknowns and unknown unknowns. The proposed methodology seeks to improve decision-making quality by utilizing causal graphs, which provide an alternative to current methodologies that rely on attack trees, hence reducing uncertainty. In addition, we analyze strategies, methods, and protocols that are feasible, likely, and credible, enhancing our capacity to anticipate enemy actions. Our proposed approach offers practical counsel to information security leaders, enabling them to make well-informed decisions in uncertain circumstances. This paper presents a novel approach to tackling the problem of making decisions in uncertain situations in the field of information security. It introduces a methodology that can assist decision-makers in navigating the complexities of the ever-changing and dynamic world of cyber threats.

Keywords

Risk management

Article Information

Received: 5 July 2024

Accepted: 14 August 2024

Published: 21 August 2024

Open Access: Yes