Cyber Intelligence: A Framework for the Sharing of Data

Cyber Security threats manifest in a variety of formats ranging from espionage to the unaware insider. Intelligence or "intel" has been widely used traditionally in informing defense and security methodologies. These fields have evolved and so has the various methodologies of the craft. Cyber Intelligence too has evolved with time to become a critical aspect of support, influencing policy, strategy and tactical decisions. This paper will explore the need for a defined framework as well as associated standards and polices that will support existing information-sharing and analysis capabilities. It establishes a model for enabling the gathering and sharing of intelligence between government (incl: Military and Law enforcement) and the private sector in a trusted, constructive and actionable manner which is of critical importance. Cyber intelligence enables teams to be proactive and should be the core of all cyber security and defense planning and deliberations. It should drive all decision making activities. Cyber intelligence has been described as evidence-based information, including context, mechanisms, indicators of compromise, implications and actionable advice, about existing or emerging hazards to assets (Shakeel 2017). This paper presents arguments which support the initiative that an ideal approach to cybersecurity requires sharing and cooperation between entities in order to identify-specific pending and existing threats. This will require that organisations share their own experiences with cyber threats as it is through collaborative efforts that the different intelligence sharing initiatives will be successful. The alleviation of issues is possible with the development of a standard framework flexible enough to accommodate the intricacies of all areas that have an impact on cyber intelligence. A potential framework will be presented incorporating views from practitioners in the field to include those in defense, security and mainstream government. This will in turn provide the basis from which a set of standards is defined to govern how the intelligence "data" is shared across agencies. This research is theoretical and will employ the qualitative methodology.