An Enhanced Threat Intelligence Driven Hybrid Model for Information Security Risk Management

Risk management (RM) frameworks were established to identify, evaluate, and treat information security risks. The hybrid model for information security risk assessment (RA) [1] outlines a systematic process encompassing threat analysis while remaining agnostic to the source of threat information. It is limited in its adaptability to threat changes and dynamics. In an evolving landscape of changing threats, traditional RM methodologies face limitations in dynamic adaptation without considering Cyber Threat Intelligence (CTI) information. In this paper, we overview the established frameworks and methodologies for RM and CTI to identify gaps in the established RM frameworks. We propose a novel enhancement to the hybrid model by integrating CTI. This enhancement distinguishes our approach from other frameworks by facilitating the proactive inclusion of context-rich external threat data, leading to a more efficient RM process that effectively adapts to the ever-evolving cyber threat landscape.