The systematic integration of the Internet of Things (IoT) and Cyber-Physical Systems (CPS) into the supply chain to increase operational efficiency and quality has also introduced new complexities to the threat landscape. The myriad of sensors could increase data collection capabilities for businesses to facilitate process automation aided by Artificial Intelligence (AI) but without adopting an appropriate Securityby-Design framework, threat detection and response are destined to fail. The emerging concept of Smart Workplace incorporates many CPS (e.g. Robots and Drones) to execute tasks alongside Employees both of which can be exploited as Insider Threats. We introduce and discuss forensic-readiness, liability attribution and the ability to track moving Smart SPS Objects to support modern Digital Forensics and Incident Response (DFIR) within a defence-in-depth strategy. We present a framework to facilitate the tracking of object behaviour within Smart Controlled Business Environments (SCBE) to support resilience by enabling proactive insider threat detection. Several components of the framework were piloted in a company to discuss a real-life case study and demonstrate anomaly detection and the emerging of behavioural patterns according to objects' movement with relation to their job role, workspace position and nearest entry or exit. The empirical data was collected from a Bluetooth-based Proximity Monitoring Solution. Furthermore, a key strength of the framework is a federated Blockchain (BC) model to achieve forensic-readiness by establishing a digital Chain-of-Custody (CoC) and a collaborative environment for CPS to qualify as Digital Witnesses (DW) to support post-incident investigations.
Cyber Threat Intelligence (CTI) can be used by organisations to assist their security teams in safeguarding their networks against cyber-attacks. This can be achieved by including threat data feeds into their networks or systems. However, despite being an effective Cyber Security (CS) tool, many organisations do not sufficiently utilise CTI. This is due to a number of reasons such as not fully understanding how to manage a daily flood of data filled with extraneous information across their security systems. This adds an additional layer of complexity to the tasks performed by their security teams who might not have the appropriate tools or sufficient skills to determine what information to prioritise and what information to disregard. Therefore, to help address the stated issue, this paper aims firstly to provide an in-depth understanding of what CTI is and how it can benefit organisations, and secondly to deliver a brief analysis of the application of Artificial Intelligence and Machine Learning in generating actionable CTI. The key contribution of this paper is that it assists organisations in better understanding their approach to CTI, which in turn will enable them to make informed decisions in relation to CTI.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.