Research Article
Healthcare Security Incident Response Strategy - A Proactive Incident Response (IR) Procedure
Table 1
Proactive Incident Response (IR) informed by Cyber Threat Intelligence (CTI) in the context of counteracting ransomware
| | Author(s) | Description |
| --- | --- | --- |
| CTI | Barnum [20] | Standard description of CTI using structured threat information expression |
| | Tounsi and Rais [21] | A survey on technical threat intelligence and its CTI sharing platforms |
| | He et al. [22] | Proactive cyber defence strategy through feeding CTI into IR processes |
| | Burger et al. [23] | Taxonomy model for cyber threat intelligence information exchange technologies |
| | Qamar et al. [24] | Data-driven analytics for CTI through mapping CTI feeds to Web Ontology Language (OWL) ontologies |
| | Dog et al. [25] | Strategic cyber threat intelligence sharing and a case study on IDS logs |
| | Li et al. [26] | Operational threat intelligence and a comparative analysis of CTI |
| | Maymí et al. [27] | Tactical threat intelligence (tactics, techniques, and procedures) |
| IR | Cichonski et al. [12] | NIST IR model: computer security incident handling guide |
| | Souppaya and Scarfone [13] | NIST malware incident prevention and handling |
| | Ahmad et al. [14] | A case study on information systems and security incident response processes |
| | Moreno et al. [28] | IR processes enhanced by blockchain technologies |
| | Grispos et al. [30] | IR processes (follow-up stage) improved by Agile methodology |
| Ransomware | Field [5] | NHS WannaCry ransomware incident investigation and response |
| | Brewer [34] | Ransomware IR detection, prevention, and cure |
| | Hassan [32] | Ransomware definition and its variants |
| | Kyurkchiev et al. [33] | CryptoLocker ransomware analysis and investigation |