TY - GEN
T1 - Defenses in Cybersecurity through Threat Intelligence Approaches
AU - Barbosa, Amanda Moctezuma
AU - Robila, Stefan A.
N1 - Publisher Copyright:
© 2025 IEEE.
PY - 2025
Y1 - 2025
N2 - With increasing security risks, managing cyberthreats has become a critical aspect of information technology. As attacks grow more disruptive, the demand for effective incident response capabilities has intensified to ensure rapid detection, mitigation of exploited vulnerabilities, and restoration of services. An effective response plan requires careful preparation, sufficient resources, and post-incident analysis to identify improvements in security measures and guide the development of advanced prevention strategies. Integrating Cyber Threat Intelligence (CTI) into this phase enhances reporting by providing insights into adversaries' tactics, techniques, and procedures, as well as potential vulnerabilities and mitigation approaches. This paper proposes a theoretical framework for incorporating CTI into post-incident analysis to strengthen organizational security posture and resilience. It also examines practices within Higher Education Institutions to highlight the benefits of CTI integration and demonstrate its potential to enable more efficient and informed responses to future threats.
KW - cyber threat intelligence
KW - cybersecurity
KW - incident response
UR - https://www.scopus.com/pages/publications/105031387765
U2 - 10.1109/ISNCC66965.2025.11250414
DO - 10.1109/ISNCC66965.2025.11250414
M3 - Conference contribution
AN - SCOPUS:105031387765
T3 - 2025 International Symposium on Networks, Computers and Communications, ISNCC 2025
BT - 2025 International Symposium on Networks, Computers and Communications, ISNCC 2025
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2025 International Symposium on Networks, Computers and Communications, ISNCC 2025
Y2 - 27 October 2025 through 29 October 2025
ER -