Abstract
Cyberattacks have been increasing in volume and intensity, necessitating proactive measures. Cybersecurity risk management frameworks are deployed to provide actionable intelligence to mitigate potential threats by analyzing the available cybersecurity data. Existing frameworks, such as MITRE ATT&CK, provide timely mitigation strategies against attacker capabilities yet do not account for hacker data when developing cyber threat intelligence. Therefore, we developed a novel information technology artifact, ATT&CK-Link, which incorporates a novel transformer and multi-teacher knowledge distillation design, to link hacker threats to this broadly used framework. Here, we illustrated how hospital systems can use this framework to proactively protect their cyberinfrastructure against hacker threats. Our ATT&CK-Link framework has practical implications for cybersecurity professionals, who can implement our framework to generate strategic, operational, and tactical cyber threat intelligence. ATT&CK-Link also contributes to the information systems knowledge base by providing design principles to pursue targeted cybersecurity analytics, risk management, and broader text analytics research through simultaneous multi-modal (e.g., text and code) distillation and classification.
Original language | English (US) |
---|---|
Pages (from-to) | 236-265 |
Number of pages | 30 |
Journal | Journal of Management Information Systems |
Volume | 41 |
Issue number | 1 |
DOIs | |
State | Published - 2024 |
Keywords
- ATT&CK
- Hacker forums
- computational design science
- cyber threat intelligence
- cybersecurity analytics
- cybersecurity risk management
- deep learning
- knowledge distillation
- risk management frameworks
- transformers
ASJC Scopus subject areas
- Management Information Systems
- Computer Science Applications
- Management Science and Operations Research
- Information Systems and Management