TY - GEN
T1 - Conceptualising cyber counterintelligence
T2 - 15th European Conference on Cyber Warfare and Security, ECCWS 2016
AU - Duvenage, Petrus
AU - Jaquire, Victor
AU - Von Solms, Sebastian
PY - 2016
Y1 - 2016
N2 - Several escalating trends are affirming the centrality of Cyber Counterintelligence (CCI) in effectively addressing advanced cyber threats of today and tomorrow. Yet, in comparison with the burgeoning academic and commercial literature on the related field of Cyber Threat Intelligence (CTI), CCI remains vastly unexplored. Outside the circles of governments' security apparatus, some large corporates and niche vendors that offer such specialised services, CCI is still obscure. While interest is gradually growing in CCI, this academic discipline is very young and largely uncharted. Leveraging off previous research by the aforementioned authors, this paper advances two further building blocks to contribute towards constructing this emerging discipline. Building block 1 comprises a distinction between CCI and CTI. Such a distinction is necessary for clarity and has the advantages of allowing CCI to benefit from the extensive research work done in the CTI field. Building block 2 consists of a multi-layered framework that explicates the different levels on which CCI functions, namely the strategic, operational and tactical functional levels. This framework progresses building block 1. While these functional levels have been described extensively in CTI literature, no such CCI-specific application could be found in literature within the public domain. Since it expounds CCI on the various levels that it functions, the framework contributes to a more nuanced academic conceptualisation of this discipline of CCI. On a practical level, the framework could serve as a notional guide for performing actual CCI work more effectively. The article concludes by reiterating the importance of CCI in addressing advanced threats and suggesting areas for further research.
AB - Several escalating trends are affirming the centrality of Cyber Counterintelligence (CCI) in effectively addressing advanced cyber threats of today and tomorrow. Yet, in comparison with the burgeoning academic and commercial literature on the related field of Cyber Threat Intelligence (CTI), CCI remains vastly unexplored. Outside the circles of governments' security apparatus, some large corporates and niche vendors that offer such specialised services, CCI is still obscure. While interest is gradually growing in CCI, this academic discipline is very young and largely uncharted. Leveraging off previous research by the aforementioned authors, this paper advances two further building blocks to contribute towards constructing this emerging discipline. Building block 1 comprises a distinction between CCI and CTI. Such a distinction is necessary for clarity and has the advantages of allowing CCI to benefit from the extensive research work done in the CTI field. Building block 2 consists of a multi-layered framework that explicates the different levels on which CCI functions, namely the strategic, operational and tactical functional levels. This framework progresses building block 1. While these functional levels have been described extensively in CTI literature, no such CCI-specific application could be found in literature within the public domain. Since it expounds CCI on the various levels that it functions, the framework contributes to a more nuanced academic conceptualisation of this discipline of CCI. On a practical level, the framework could serve as a notional guide for performing actual CCI work more effectively. The article concludes by reiterating the importance of CCI in addressing advanced threats and suggesting areas for further research.
KW - Cyber Counterintelligence
KW - Cyber Threat Intelligence
KW - Cyber counterintelligence levels
KW - Cyber counterintelligence maturity
KW - Offensive cybersecurity
UR - http://www.scopus.com/inward/record.url?scp=84979270242&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:84979270242
T3 - European Conference on Information Warfare and Security, ECCWS
SP - 93
EP - 103
BT - Proceedings of the 15th European Conference on Cyber Warfare and Security, ECCWS 2016
A2 - Koch, Robert
A2 - Rodosek, Gabi Dreo
PB - Curran Associates Inc.
Y2 - 7 July 2016 through 8 July 2016
ER -