Intelligence-based Cybersecurity Awareness Training- an Exploratory Project

TL;DR

This paper introduces an innovative, scalable cybersecurity training model driven by emerging threats, integrating threat intelligence with training to enhance adaptability and effectiveness in cybersecurity awareness.

Contribution

It presents a novel type system linking cybersecurity training with threat intelligence, along with a scalable implementation using IBM Watson, and publicly shares datasets and tools.

Findings

The model effectively prioritizes vulnerable members for training.

The type system links training with threat intelligence.

The approach is practical and scalable.

Abstract

Cybersecurity training should be adaptable to evolving the cyber threat landscape, cost effective and integrated well with other enterprise management components. Unfortunately, very few cybersecurity training platforms can satisfy such requirements. This paper proposes a new and novel model for conducting cybersecurity training with three main objectives: (i) training should be initiated by emerging relevant threats and delivered first to the most vulnerable members (ii) the process has to be agile (iii) training results must be able to provide actionable intelligence. For the first time, this paper establishes a type system (ontology and associated relationships) that links the domain of cybersecurity awareness training with that of cyber threat intelligence. Powered by IBM Watson Knowledge Studio platform, the proposed method was found to be practical and scalable. Main contributions such as exports of the type system, the manually annotated corpus of 100 threat reports and 127 cybersecurity assessment results, the dictionaries for pre-annotation, etc were made publicly available.