A Multi-Attribute Approach for Cyber Threat Intelligence Product and Services Selection

Abstract

Cyber Threat Intelligence (CTI) is a significant field in Cyber Security research. It enables organizations to share threat data and allow a proactive defence against sophisticated intrusion attempts. The wide variety in the CTI products and services offered by different providers from the market, makes it difficult for the security experts to decide which CTI provider is the most suitable according to their security program requirements. CTI products and services provider selection is a complex decision-making problem that involves multiple criteria. The aim of the present paper is to propose a multiattribute approach based on the VIKOR method for CTI providers ranking and selection, according to a set of criteria. A case study based on the users’ evaluations reviews about the security threats intelligence providers is studied. The impact of the VIKOR user parameter variation on the CTI providers ranking is analysed. The proposed approach is a support tool for the security program leaders faced with the decision of selecting the CTI providers. It also helps the CTI service providers to improve the quality of their products and services.