Improving Threat Mitigation Through a Cybersecurity Risk Management Framework: A Computational Design Science Approach
Name:
ATTACK-Link-JMIS-2022-R3.pdf
Embargo:
2025-08-19
Size:
1.236Mb
Format:
PDF
Description:
Final Accepted Manuscript
Affiliation
Eller College of Management, University of Arizona
Issue Date
2024-02-19
Keywords
ATT&CK
computational design science
cyber threat intelligence
cybersecurity analytics
cybersecurity risk management
deep learning
Hacker forums
knowledge distillation
risk management frameworks
transformers
Publisher
Informa UK Limited
Citation
Ampel, B. M., Samtani, S., Zhu, H., Chen, H., & Nunamaker, J. F. (2024). Improving Threat Mitigation Through a Cybersecurity Risk Management Framework: A Computational Design Science Approach. Journal of Management Information Systems, 41(1), 236–265. https://doi.org/10.1080/07421222.2023.2301178
Rights
© 2024 Taylor & Francis Group, LLC.
Collection Information
This item from the UA Faculty Publications collection is made available by the University of Arizona with support from the University of Arizona Libraries. If you have questions, please contact us at repository@u.library.arizona.edu.
Abstract
Cyberattacks have been increasing in volume and intensity, necessitating proactive measures. Cybersecurity risk management frameworks are deployed to provide actionable intelligence to mitigate potential threats by analyzing the available cybersecurity data. Existing frameworks, such as MITRE ATT&CK, provide timely mitigation strategies against attacker capabilities yet do not account for hacker data when developing cyber threat intelligence. Therefore, we developed a novel information technology artifact, ATT&CK-Link, which incorporates a novel transformer and multi-teacher knowledge distillation design, to link hacker threats to this broadly used framework. Here, we illustrated how hospital systems can use this framework to proactively protect their cyberinfrastructure against hacker threats. Our ATT&CK-Link framework has practical implications for cybersecurity professionals, who can implement our framework to generate strategic, operational, and tactical cyber threat intelligence. ATT&CK-Link also contributes to the information systems knowledge base by providing design principles to pursue targeted cybersecurity analytics, risk management, and broader text analytics research through simultaneous multi-modal (e.g., text and code) distillation and classification.
Note
18 month embargo; first published 19 February 2024
ISSN
0742-1222
EISSN
1557-928X
Version
Final accepted manuscript
Sponsors
National Science Foundation
DOI
10.1080/07421222.2023.2301178