A tale of two cybers - how threat reporting by cybersecurity firms systematically underrepresents threats to civil society

Maschmeyer, Lennart; Deibert, Ronald J.; Lindsay, Jon R.

doi:10.1080/19331681.2020.1776658

Cited by 54 publications

(12 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…From this perspective, a promising initiative is STIX CyBox [143]: its goal is creating a threat intelligence platform shared by multiple parties, facilitating the entire process of incident detection and response. Nonetheless, such platforms must (i) contain unbiased data-otherwise there a the risk of manipulating future developments [109]-and (ii) comply with the existing regulation, hence requiring the involvement of the respective authorities.…”

Section: Data Availability (Executives and Legislation Authorities)mentioning

confidence: 99%

The Role of Machine Learning in Cybersecurity

Apruzzese,

Laskov,

de Oca

et al. 2022

Preprint

View full text Add to dashboard Cite

Machine Learning (ML) represents a pivotal technology for current and future information systems, and many domains already leverage the capabilities of ML. However, deployment of ML in cybersecurity is still at an early stage, revealing a significant discrepancy between research and practice. Such discrepancy has its root cause in the current state-of-the-art, which does not allow to identify the role of ML in cybersecurity. The full potential of ML will never be unleashed unless its pros and cons are understood by a broad audience.This paper is the first attempt to provide a holistic understanding of the role of ML in the entire cybersecurity domain-to any potential reader with an interest in this topic. We highlight the advantages of ML with respect to human-driven detection methods, as well as the additional tasks that can be addressed by ML in cybersecurity. Moreover, we elucidate various intrinsic problems affecting real ML deployments in cybersecurity. Finally, we present how various stakeholders can contribute to future developments of ML in cybersecurity, which is essential for further progress in this field. Our contributions are complemented with two real case studies describing industrial applications of ML as defense against cyber-threats.

show abstract

Section: Data Availability (Executives and Legislation Authorities)mentioning

confidence: 99%

The Role of Machine Learning in Cybersecurity

Apruzzese,

Laskov,

de Oca

et al. 2022

Preprint

View full text Add to dashboard Cite

show abstract

“…non-governmental organizations, educational institutions and individuals). 116 As schools, non-governmental organizations and individuals are more likely to be concerned with issues of social power, harms and equality, this prioritization has knock-on gender effects.…”

Section: Recommendationsmentioning

confidence: 99%

Gender Approaches to Cybersecurity: Design, Defence and Response

Millar¹,

Shires²,

Tropina³

2021

View full text Add to dashboard Cite

Gender approaches to cybersecurity explores how gender norms shape specific activities pertaining to cybersecurity design, defence and response. In each of these three pillars, the research identifies distinct dimensions of cyber-related activities that have gendered implications and, thus, need to be considered from a gender perspective. The report proposes recommendations for the incorporation of gender considerations throughout international cybersecurity policy and practice, so as to ensure that cybersecurity improves the security of people of all gender identities and expressions, as well as international peace and security. The ultimate conclusion is that these two levels of security cannot be separated.

show abstract

“…Moreover, there are still considerable challenges involved in attributing malicious cyber activity to particular state sponsors and doing so promptly and in a manner that is independently verifiable. Attribution capabilities also vary across states and cybersecurity companies may be biased in their reporting on the activities of proxy hacker groups (Maschmeyer et al, 2021). Relying on multiple sources to code proxy relationships should mitigate this problem, but it is possible that some proxy relationships may be mis-specified by the various sources.…”

Section: Cyber Proxiesmentioning

confidence: 99%

Accountability and cyber conflict: examining institutional constraints on the use of cyber proxies

Akoto

2021

Conflict Management and Peace Science

View full text Add to dashboard Cite

As state-sponsored cyber operations have proliferated, some states are outsourcing these operations to non-state cyber proxies. However, given the relative ease of outsourcing cyber operations, it is puzzling why more states are not engaged in this practice. I examine how domestic accountability institutions potentially explain this restraint in the use of cyber proxies. I argue that in cases where the incumbent is likely to be held to account for cyber operations, there is restraint in the use of proxies. Moreover, I distinguish vertical from horizontal accountability and argue that because vertical accountability mechanisms directly threaten the tenure of the incumbent if outsourced cyber operations go wrong, it has a greater constraining effect relative to horizontal accountability. I test these propositions with new data on the activities of several hacker groups and robustly confirm that accountability institutions do place significant constraints on the use of cyber proxies.

show abstract

A tale of two cybers - how threat reporting by cybersecurity firms systematically underrepresents threats to civil society

Abstract: View related articles View Crossmark data Citing articles: 3 View citing articles A tale of two cybers-how threat reporting by cybersecurity firms systematically underrepresents threats to civil society

Cited by 54 publications

References 29 publications

The Role of Machine Learning in Cybersecurity

The Role of Machine Learning in Cybersecurity

Gender Approaches to Cybersecurity: Design, Defence and Response

Accountability and cyber conflict: examining institutional constraints on the use of cyber proxies

Contact Info

Product

Resources

About