Cyber-Threat Information-Sharing Standards: A Review of Evaluation Literature

Abstract

Cyber-threat information-sharing tools, through which cybersecurity teams share threat information, are essential to combatting today's increasingly frequent and sophisticated cyber-attacks. Several cyber-threat information-sharing standards exist, but there is at present no single standard or set of standards widely adopted by organisations and by computer security incident response teams (CSIRTs) operating at organisational, sectoral, national, and international levels. This introduces an interoperability problem in respect of communication across the various organisations and CSIRTs. Harmonised adoption of threat information-sharing standards would be of great benefit to cybersecurity efforts. In an effort to support harmonised use of cyber-threat information-sharing standards, this article provides findings from a review of the extant literature on such standards.