National Cybersecurity Information Sharing Network

National Cybersecurity Information Sharing Network

Introduction 

Information sharing and integration of cyber data is a prerequisite for the protection of critical infrastructure providers. The National Cybersecurity Information Sharing Network (NCSISN) can be considered as a “security exchange” for sensitive cybersecurity information. It provides a secure venue for sharing cyber threat indicators (they identify malicious cyber activity) with trusted partners, experts, and authorities in real time. 

The NCSISN is a national platform which supports integration and cybersecurity information sharing among critical infrastructure providers, including the private sector, to protect their data against breaches, attacks or lost. Also, it provides the ability for cross-sector cybersecurity monitoring of cyber threats, and cooperation between the critical infrastructure stakeholders. 

The new platform will have the main features of data flow, integration, information sharing, and planned to detect cyber threats.  Also, it enables cross-sector security monitoring of cyber threats, and cooperation between the critical infrastructure stakeholders. 

The National Cybersecurity Agency (NCSA) provide a platform that can be used by multiple stakeholders in cybersecurity to implement rules and policies, collaborate with authorities, law enforcement and other stakeholders, share knowledge, monitor, and act against threats. 

Objectives 

Outcome 

Strategic national defence and offense strategies, effective coordination among organizations, and continuous awareness of potential attacks. 

National Information Sharing Network provides: 

  • critical infrastructures with reliable information about cybersecurity risks,  
  • facilitates information exchange among stakeholders,  
  • alerts managers to emerging threats 
  •  promotes cooperation between organizations.  
  • in addition, NISPC organizes training courses for selected groups of users. 

Page Break 

Strategic Layer 

The main goal of the National Cybersecurity Information Sharing Network (NCSISN) is to increase the detection capability of its network members. 

Following sub-goals have also been identified as a driver of the main goal: 

  1. Sharing indicators of compromises (IoCs), 
  2. Collecting shared IoCs sightings, 
  3. Ensuring quality of shared IoCs. 

Desired outcome of the indicators of compromises (IoCs) sharing is a near-real-time information sharing between the network members. The desired outcome will be supported by the implementation of the MISP Threat Sharing (MISP) open-source threat intelligence platform. 

Desired outcome of the collection of raised sightings on shared IoCs is a near-real-time sightings central reporting of all shared IoCs sightings detected on the network to the National Cybersecurity Agency (NSCA). The desired outcome will also be supported by the implementation of the MISP Threat Sharing (MISP) open-source threat intelligence platform. 

Desired outcome of the ensuring quality of shared IoCs is to guaranteethe accuracy and the value of the IoCs and sightings circulating on the network to the network members. The desired outcome will be supported by a quality management process. 

All goals are under the responsibility of the National Cybersecurity Agency (NSCA) team. The NSCA team is composed of: 

  • a security analyst team, composed of experts having capabilities in incident analysis allowing articulation and operationalization of indicators of compromises (IoCs) into the MISP Threat Sharing (MISP) open-source threat intelligence platform, 
  • an IT operation team, composed of experts having IT operation capabilities including operating systems, network components and into MISP management, 
  • a data analytic team, composed in experts having data analytic capabilities to ensure the continual quality management of the network. Analyzed data is composed of shared IoCs attributes and of related sightings. 

NSCA operational excellence is vital to the sustainability of the network and trust into the network by its members. Operation excellence will ensure that the near-real-time sharing of IoCs, and collection of sightings is achieved. Having a secure network is a paradigm of the trust into the network. IoCs and sightings of value are also critical to ensure the long-term collaboration of the members into the network. 

The National Cybersecurity Information Sharing Network (NCSISN), composed of multiple instances of the MISP Threat Sharing (MISP) open-source threat intelligence platform, is managed at the IT operational level by the IT operation department. 

ArchiMate 

Page Break 

Motivation Layer 

A National Cybersecurity Information Sharing Network (NCSISN) needs to be established at the national level to ensure information sharing allowing detection of cyberattacks against national interest like critical infrastructure. 

The purpose of the NCSISN is to create a secure channel for exchange of information concerning cybersecurity incidents. 

The continuous objective of NCISN is to increase the detection capabilities of its network members to reduce the potential consequences of cybersecurity incidents on national interests. 

Stakeholders 

The following stakeholders that represent their interests in the outcome of the network have been identified: 

  • NCSA: National Cybersecurity Agency sponsor of the project. 
  • Critical Infrastructure Operators: Critical infrastructure operators of critical infrastructures designated by law. Critical infrastructure operators are member of the network. 
  • CERTs / CSIRTs: Computer Emergency Response Teams and Computer Security Incident Response Teams. A CERT / CSIRT could be dedicated to a critical infrastructure operator (inhouse or outsourced) or to a sector covering multiple critical infrastructure operators (e.g., a CERT dedicated to the health sector). CERTs / CSIRTs are member of the network. 
  • ISACs: Information Sharing and Analysis Centres provide central resources to gathering information on cyber threats and sharing them. ISAC’s are most of the time dedicated to a specific sector. ISACs are member of the network. 

Drivers 

The following drivers, representing an external or internal condition that motivates the NCSA to define its goals and implement the changes necessary to achieve them, have been identified: 

  • National Security: The national security includes cybersecurity as a component. 
  • National Cybersecurity Strategy (NCS): The NCS has been developed by the government in collaboration with the private sector. The NCS include a strategic point related to the National Cybersecurity Information Sharing Network (NCSISN) and gives the responsibility to develop the NCSISN to the National Cybersecurity Agency (NCSA). 
  • National legislation: The national legislation gives to the National Cybersecurity Agency (NCSA) the mission to protect critical infrastructures and to distribute appropriate information to concerned entities. National legislation also requires from critical infrastructure operators to implement appropriate security measures to ensure national interest. 
  • Geopolitical situations: Some geopolitical situations can increase the risks that the national critical infrastructures could be target of cyber activities or state sponsored hackers. 

Assessment 

As of today, there is no cybersecurity information sharing network that can help to increase detection capabilities of the critical infrastructures. The lack of a cybersecurity information sharing network is a threat to the national interest to protect critical infrastructures and the economy. A national cybersecurity situational view of ongoing cybersecurity attacks and threats is currently not available not allowing effective coordination among impacted organizations, and the promotion of continuous awareness on cyber-attacks. 

Goals 

The main goal is to enhance the national security by increasing in near-real-time detection of cyberattacks and threats capacities targeting critical infrastructures operators supported by an information sharing network. A sub-goal is to provide though the cybersecurity information sharing network a near-real-time national overview of ongoing cybersecurity attacks and threats

Outcomes 

Identified outcomes are: 

  • Implementation of a secure information sharing network. 
  • Sharing of high-quality indicators of compromises (IoCs). 
  • All critical infrastructure operators been members of the network. 
  • All members actively reporting sightings on shared indicators of compromises (IoCs). 
  • Creating a national and sectoral situational view of ongoing cybersecurity attacks and threats. 

Requirements 

The following needs have been identified to achieve a successful National Cybersecurity Information Sharing Network (NCSISN): 

  • Implement a secure network to ensure confidentiality, integrity and availability of exchanged information’s and members. 
  • Ensure quality of shared indicators of compromises (IoCs) to keep stakeholders’ engagement in the network and to ensure that the situational view of ongoing cybersecurity attacks and threats is representative. 

Page Break 

Constraints 

The following constraints that could prevents or obstructs the realisation of the main goal have been identified: 

  • Detection capabilities of critical infrastructure operators doesn’t exist, not allowing to take advantage of shared indicators of compromises (IoCs) and not allowing to National Cybersecurity Agency (NSCA) to collect sightings on these IoCs. 
  • Lack of data analytic resources at the NSCA would not allow NSCA to qualify if IoCs proposed to be shared and sightings reported by the network have value and are not leading to false positives. The situational view of cyber-attacks and threats would also be indirectly impacted by the lack of resources in data analytic expertise. 

Principles 

The following principles are necessary to be implemented: 

  • Adhere to the network confidentiality charter. A confidentiality charter is necessary to be sign by members as sensitive data is shared. 
  • Follow standardized taxonomies for indicators of compromises (IoCs) descriptions. Standardization of IoCs documentation is necessary to ensure coherence and quality of shared information. 

ArchiMate 

Page Break 

Business Layer 

Motivation 

Provide a collaborative infrastructure, that facilitate accurate, complete, timely, and actionable information sharing. This will enable members to mitigate risks proactively and protect themselves from attack. 

Business service 

Information sharing is the main business service offered to the network members. 

Business interfaces 

The MISP Threat Sharing (MISP) open-source threat intelligence platform is the main business interface to the network members. MISP allow sharing of indicators of compromises (IoCs) and of sightings. 

Business processes 

Information sharing  

Information sharing is under the responsibility of the NSCA security analyst team. 

The source of the unqualified information event (composed of indicators of compromises) can be CSIRTs / CERTs, ISACs or critical infrastructure operators that are members of the network and desiring to share the information with other members. These business actors are identified as a role of submitter.  

The destination of the qualified information event (composed of indicators of compromises) can be CSIRTs / CERTs, ISACs or critical infrastructure operators that are members of the network. These business actors are identified as a role of receiver.  

Each unqualified information event submitted by a submitter must be published via the MISP business interface that support the articulation of business processes under the responsibilities of the NSCA security analyst team. 

Each qualified information event validated by the NSCA security analyst team will be published via the MISP business interface to the receiver role. 

The following business processes are under the responsibility of the NSCA security analyst team: 

  • Classification level validation: This process ensures that the proposed indicators have a defined classification traffic light protocol (TLP) level. TLP allow the submitter to specify the confidentiality level required by the receiver. If the TLP level is not specified, the unqualified information event is rejected, and rejection is notified to the submitter with documented reasons. If not rejected in this phase of the process the unqualified information event will have a validation of its model. 
  • Data model validation: This process ensure that the proposed indicators are respecting the MISP data model. If the MISP data model is not respected, the unqualified information event is rejected, and rejection is notified to the submitter with documented reasons. If not rejected in this phase of the process the unqualified information event will have a validation of its taxonomy. 
  • Taxonomy validation: This process ensure that the proposed indicators are respecting the proposed MISP taxonomies allowing classifications modelling. If the proposed MISP taxonomies are not respected, the unqualified information event is rejected, and rejection is notified to the submitter with documented reasons. If not rejected in this phase of the process the unqualified information event will have a validation of its quality with the sandbox validation process. 
  • Sandbox validation: This process ensure that the proposed indicators are not triggering important number of false positives (due to popularity by example) or are not deceptive indicators submitted to pollute the network. If the proposed sandbox validation doesn’t pass, the unqualified information event is rejected, and rejection is notified to the submitter with documented reasons. If not rejected in this phase of the process the unqualified information event will be published to the network members for sharing. 
  • Event rejection: This process is triggered when an unqualified information event is rejected as a rejected information event after the classification level validation, data model validation, the taxonomy validation or the sandbox validation processes. The rejection is notified via the MISP interface to the submitter with a documented reason of rejection. 
  • Event publication: This process consists of publishing a qualified information event to the network members identified as a role of receiver

Data analytic  

Data analytic is under the responsibility of the NSCA data analytic team and is triggered by a planned monthly review of all qualified information events that are shared on the network. 

Data analytic is articulated around the following processes: 

  • Sightings review: This process reviews the quality of the sightings raised on the shared qualified information events to determine if the concerned qualified information events can still be shared on the network or if they should be decommissioned from the network. 
  • Lifetime review: This process ensures that the shared qualified information events lifetime is still accurate. A shared qualified information event that is too old will lose its pertinence despite sightings occurred or not on it. If the concerned qualified information event is too old, it will be decommissioned from the network. 
  • Context review: This process ensures that the shared qualified information events context is still accurate. Following reported sightings, the context could still be accurate or not. If the initial context of the concerned qualified information event is no more accurate, it will be decommissioned from the network. 
  • Event decommission: The process consist to decommission the qualified information event from the network.  The decommission is notified via the MISP interface to the submitter with a documented reason of decommission. 

ArchiMate 

Page Break 

Application Layer 

MISP Threat Sharing (MISP) open-source threat intelligence platform is the main interface used in the project. MISP is developed by a third party. 

Application services: 

  • Submitted unqualified information event. 
  • Collect qualified information event. 
  • Collect rejected unqualified information event. 

Application components: 

  •  

ArchiMate 

Page Break 

Technology Layer 

ArchiMate 

Risk and security 

Conclusion 

Order Now

Get expert help for National Cybersecurity Information Sharing Network and many more. 24X7 help, plag free solution. Order online now!

Universal Assignment (June 16, 2024) National Cybersecurity Information Sharing Network. Retrieved from https://universalassignment.com/national-cybersecurity-information-sharing-network/.
"National Cybersecurity Information Sharing Network." Universal Assignment - June 16, 2024, https://universalassignment.com/national-cybersecurity-information-sharing-network/
Universal Assignment July 28, 2022 National Cybersecurity Information Sharing Network., viewed June 16, 2024,<https://universalassignment.com/national-cybersecurity-information-sharing-network/>
Universal Assignment - National Cybersecurity Information Sharing Network. [Internet]. [Accessed June 16, 2024]. Available from: https://universalassignment.com/national-cybersecurity-information-sharing-network/
"National Cybersecurity Information Sharing Network." Universal Assignment - Accessed June 16, 2024. https://universalassignment.com/national-cybersecurity-information-sharing-network/
"National Cybersecurity Information Sharing Network." Universal Assignment [Online]. Available: https://universalassignment.com/national-cybersecurity-information-sharing-network/. [Accessed: June 16, 2024]

Please note along with our service, we will provide you with the following deliverables:

Please do not hesitate to put forward any queries regarding the service provision.

We look forward to having you on board with us.

Categories

Get 90%* Discount on Assignment Help

Most Frequent Questions & Answers

Universal Assignment Services is the best place to get help in your all kind of assignment help. We have 172+ experts available, who can help you to get HD+ grades. We also provide Free Plag report, Free Revisions,Best Price in the industry guaranteed.

We provide all kinds of assignmednt help, Report writing, Essay Writing, Dissertations, Thesis writing, Research Proposal, Research Report, Home work help, Question Answers help, Case studies, mathematical and Statistical tasks, Website development, Android application, Resume/CV writing, SOP(Statement of Purpose) Writing, Blog/Article, Poster making and so on.

We are available round the clock, 24X7, 365 days. You can appach us to our Whatsapp number +1 (613)778 8542 or email to info@universalassignment.com . We provide Free revision policy, if you need and revisions to be done on the task, we will do the same for you as soon as possible.

We provide services mainly to all major institutes and Universities in Australia, Canada, China, Malaysia, India, South Africa, New Zealand, Singapore, the United Arab Emirates, the United Kingdom, and the United States.

We provide lucrative discounts from 28% to 70% as per the wordcount, Technicality, Deadline and the number of your previous assignments done with us.

After your assignment request our team will check and update you the best suitable service for you alongwith the charges for the task. After confirmation and payment team will start the work and provide the task as per the deadline.

Yes, we will provide Plagirism free task and a free turnitin report along with the task without any extra cost.

No, if the main requirement is same, you don’t have to pay any additional amount. But it there is a additional requirement, then you have to pay the balance amount in order to get the revised solution.

The Fees are as minimum as $10 per page(1 page=250 words) and in case of a big task, we provide huge discounts.

We accept all the major Credit and Debit Cards for the payment. We do accept Paypal also.

Popular Assignments

ARCH7004: Planning and Development Control Assessment 3

Assessment 3: Choose a particular type of commercial, industrial or high-rise development (Class 2-9 building) or subdivision that is currently being considered by a Consent Authority such as a Local Council (court or tribunal) or a State or Federal Government Agency (this may be the site from Assessment 2). Once

Read More »

Promote Person-Centred Approaches in Care Settings:

Remember when you are answering the questions to look at the command words and here is what each of these mean within the questions, below is a table with the meanings of some of the operative words you will see in this unit. Describe Give a clear description that includes

Read More »

Promote equality and inclusion in Care settings:

Remember when you are answering the questions to look at the command words and here is what each of these mean within the questions, below is a table with the meanings of some of the operative words you will see in this unit. Describe Give a clear description that includes

Read More »

Physical Activity, Health and Wellbeing Assignment

 Bsc Public Health and Health Promotion (Top up) June 23 Intake,  LONDON          Physical Activity, Health and Wellbeing Assignment Brief.                  Assessment 1: Poster Design and written presentation of a physical activity intervention (weighted at 20%). 800 words Your aim is to create an intervention that ‘nudges’ students and staff

Read More »

Innovation Proposal | Part 2 – Execution and Change Plan

Instructions:  Part 2 Research indicates that the execution and implementation of innovation is the greatest challenge for leaders. Generating ideas is deemed exciting while implementing change is considered the biggest challenge, which often results in organizational resistance. REQUIREMENTS Top of Form Bottom of Form Submission status Grading criteria Implementation Schedule,

Read More »

Innovation Proposal | Part 3 – Leadership Reflection and Application

Instructions  Part 3  REQUIREMENTS Top of Form Bottom of Form Submission status Grading criteria Analysis (see rubric in syllabus for evaluation guidelines) Beginning (0-55); Developing (56-63); Accomplished (64-71); Exemplary (72-80) Fully developed introspective analysis of how innovation impacts personal leadership. Thoroughly examines the influence of personal faith worldview on pursuing

Read More »

EDUCATORS INQUIRING ABOUT THE WORLD

EDUCATORS INQUIRING ABOUT THE WORLD     ASSESSMENT 1 PROPOSAL PLAN (FORMATIVE) TEMPLATE (20 marks)  Complete the proposal under the following headings as they provide guidelines for the overall format and contents of the proposal.   DECLARATION: By submitting this assessment I declare the following  Remove ALL Blue Writing before submission. Leave

Read More »

Introduction to Sociology

Measurable Objectives Week 7 Materials The materials for the week address the issue of Crime & Deviance. Crime and Deviance are not the same!                                                                                      Crime is a violation of law (local, State, or federal laws).                                                                      Crime is a social construct. Crime is a product of someone’s reality. Deviance Deviance is

Read More »

MBA623 Healthcare Management: Technology Analysis

Assessment 3 Information Subject Code: MBA623 Subject Name: Healthcare Management Assessment Title Technology Analysis Assessment Type: Length: Individual video recording 10 minutes maximum Weighting: 30% Total Marks: Submission: 100 Online Due Date: Week 13 Your task Individually, you are required to record a 10-minute webinar discussing My Health Record’s role

Read More »

ARCH7004: Planning and Development Control Assessment 4

Assessment 4: Due on: 14 June 2024 NSW Students: The NSW Coast is considered of great importance in terms of its protection, conservation and development opportunities for the State. Describe the elements on the NSW Coastal Management Framework and the key aspects for development control within the State? What is

Read More »

EDM9780M CEEL Summative Assignment 2023-2024

Below you will find instructions on completing each of the four parts of your final summative assignment. Part 1 – Personal/professional area of interest in education (1000 – 1,500 words max) For this part of the assignment, you will need to: How to complete this part (Part 1): 1. Choose

Read More »

AT1 PREPARATION REFLECTION TEMPLATE

Weighting: 5 marks (10%) of the assignment. COMPLETE & SUBMIT INDIVIDUALLY. This is the second of THREE documents required for submission for the assignment. Complete the following, describing and reflecting upon your involvement with the preparation for the Group Presentation, including your interaction with other members of your team in

Read More »

SUMMATIVE ASSIGNMENT – Mathematics for Science

IMPORTANT INFORMATION 1 Electric power is widely used in industrial, commercial and consumer applications. The latter include laboratory equipment for example water baths, spectrophotometers, and chromatographs. If you have 17.3 kA and 5.5 MV, what is the power? Give the appropriate unit.                                                                                                               (3 marks) 2 Oil immersion objective lenses

Read More »

Assignment CW 2. Foundations of Biology

The instructions in RED are the ones which are mark-bearing and need to be answered as part of the assignment. The instructions in BLACK tell you how to carry out the simulation Diffusion simulation: Results table Use Excel to calculate the mean and standard deviation. The functions are AVERGAGE and

Read More »

MA Education Dissertation Proposal

Student Name Click here to enter text. Student ID                       Proposed title of research project Click here to enter text.       State the background references on which your research is based (ideally 4 or 5) Click here to

Read More »

Assignment: Implement five dangerous software errors

Due: Monday, 6 May 2024, 3:00 PM The requirements for assessment 1: Too many developers are prioritising functionality and performance over security. Either that, or they just don’t come from a security background, so they don’t have security in mind when they are developing the application, therefore leaving the business

Read More »

LNDN08003 DATA ANALYTICS FINAL PROJECT

Business School                                                                 London campus Session 2023-24                                                                   Trimester 2 Module Code: LNDN08003 DATA ANALYTICS FINAL PROJECT Due Date: 12th APRIL 2024 Answer ALL questions. LNDN08003–Data Analytics Group Empirical Research Project Question 2-The project (2500 maximum word limit) The datasets for this assignment should be downloaded from the World Development Indicators (WDI)

Read More »

Microprocessor Based Systems: Embedded Burglar Alarm System

ASSIGNMENT BRIEF 2023/24 Microprocessor Based Systems   Embedded Burglar Alarm System Learning Outcomes This assignment achieves the following learning outcomes:   LO 2 -Use software for developing embedded systems in ‘C’ and testing microcontroller systems including the use of design tools such as Integrated Development Environments and In Circuit Debugger.

Read More »

Imagine you are an IT professional and your manager asked you to give a presentation about various financial tools used to help with decisions for investing in IT and/or security

Part 1, scenario: Imagine you are an IT professional and your manager asked you to give a presentation about various financial tools used to help with decisions for investing in IT and/or security. The presentation will be given to entry-level IT and security employees to understand financial investing. To simulate

Read More »

DX5600 Digital Artefact and Research Report

COLLEGE OF ENGINEERING, DESIGN AND PHYSICAL SCIENCES BRUNEL DESIGN SCHOOL DIGITAL MEDIA MSC DIGITAL DESIGN AND BRANDING MSC DIGITAL DESIGN (3D ANIMTION) MSC DIGITAL DESIGN (MOTION GRAPHICS) MSC DIGITAL DESIGN (IMMERSIVE MIXED REALITY) DIGITAL ARTEFACT AND RESEARCH REPORT                                                                 Module Code: DX5600 Module Title: MSc Dissertation Module Leader: XXXXXXXXXXXXXXXXX Assessment Title:

Read More »

Bsc Public Health and Health Promotion (Top up) LSC LONDON

Health and Work Assignment Brief.                 Assessment brief: A case study of 4,000 words (weighted at 100%) Students will present a series of complementary pieces of written work that:   a) analyse the key workplace issues; b) evaluate current or proposed strategies for managing them from a public health/health promotion perspective

Read More »

6HW109 Environmental Management and Sustainable Health

ASSESSMENT BRIEF MODULE CODE: 6HW109 MODULE TITLE: Environmental Management and Sustainable Health MODULE LEADER: XXXXXXXXX ACADEMIC YEAR: 2022-23 1        Demonstrate a critical awareness of the concept of Environmental Management linked to Health 2        Critically analyse climate change and health public policies. 3        Demonstrate a critical awareness of the concept of

Read More »

PROFESSIONAL SECURE NETWORKS COCS71196

PROFESSIONAL SECURE NETWORKS– Case Study Assessment Information Module Title: PROFESSIONAL SECURE NETWORKS   Module Code: COCS71196 Submission Deadline: 10th May 2024 by 3:30pm Instructions to candidates This assignment is one of two parts of the formal assessment for COCS71196 and is therefore compulsory. The assignment is weighted at 50% of

Read More »

CYBERCRIME FORENSIC ANALYSIS – COCS71193

CYBERCRIME FORENSIC ANALYSIS – COCS71193 Assignment Specification Weighted at 100% of the module mark. Learning Outcomes being assessed by this portfolio. Submission Deadline: Monday 6th May 2024, 1600Hrs. Requirements & Marking Scheme General Guidelines: This is an individual assessment comprised of four parts and is weighted at 100% of the

Read More »

Can't Find Your Assignment?

Open chat
1
Free Assistance
Universal Assignment
Hello 👋
How can we help you?