Cyber Threat Observatory: Design and Evaluation of an Interactive Dashboard for Computer Emergency Response Teams

Authors

Marc-André Kaufhold, Technische Universität DarmstadtFollow
Ali Sercan Basyurt, University of Duisburg-EssenFollow
Kaan Eyilmez, Virtimo AGFollow
Marc Stöttinger, Hessian Ministry of the Interior and SportsFollow
Christian Reuter, Technische Universität DarmstadtFollow

Paper Number

1561

Abstract

Computer emergency response teams (CERTs) of the public sector provide preventive and reactive cybersecurity services for authorities, citizens, and enterprises. However, their tasks of monitoring, analyzing, and communicating threats to establish cyber situational awareness are getting more complex due to the increasing information volume disseminated through public channels. Besides the time-consuming data collection for incident handling and daily reporting, CERTs are often confronted with irrelevant, redundant, or incredible information, exacerbating the time-critical prevention of and response to cyber threats. Thus, this design science research paper presents the user-centered design and evaluation of the Cyber Threat Observatory, which is an automatic, cross-platform and real-time cybersecurity dashboard. Based on expert scenario-based walkthroughs and semi-structured interviews (N=12), it discusses six design implications, including customizability and filtering, data source modularity, cross-platform interrelations, content assessment algorithms, integration with existing software, as well as export and communication capabilities.

Recommended Citation

Kaufhold, Marc-André; Basyurt, Ali Sercan; Eyilmez, Kaan; Stöttinger, Marc; and Reuter, Christian, "Cyber Threat Observatory: Design and Evaluation of an Interactive Dashboard for Computer Emergency Response Teams" (2022). ECIS 2022 Research Papers. 99.
https://aisel.aisnet.org/ecis2022_rp/99