Cyber-security intelligence gathering: Issues with knowledge management

Abstract

Recently, KM has found applications in cyber-security. Though the actionable information gathered is intangible, they are used to improve knowledge sharing in organizations. Key cyber-security objectives are to prevent, detect and respond to threats. Using open-sharing of vulnerabilities and exploits, cyber risks could be mitigated through info-sharing. Cyber-intelligence is perceived as a process and a product, with outcomes being alerts that solicit explicit responses, leading to mitigation of possible threats. Using the Scrum approach, relevant articles and databases were reviewed, towards improving mitigation strategies. A virtual machine experiment utilized various tools to gather intelligence. Results from footprinting were used to design a KM-based Cyber-Intelligence Gathering model that incorporates Lewin's Change Theory. It is intuitive and serves as an effective mitigation strategy for most organizations, especially SMEs. The implication is that knowledge sharing could be harnessed to create a pool of mitigation resources for most enterprises in developing economies. � 2018 by IGI Global. All rights reserved.