Integrating AI-driven Threat Intelligence and Forecasting in the Cyber Security Exercise Content Generation Lifecycle

Abstract

The escalating complexity and impact of cy- ber threats require organisations to prepare to respond to cyber attacks by routinely conducting cyber secu- rity exercises. However, the effectiveness of these exer- cises is limited by their ability to replicate real-world scenarios in a timely but, most importantly, pertinent manner to the training audience. To address this issue, we propose the integration of AI-driven sectorial threat intelligence and forecasting to identify emerging and relevant threats and anticipate their impact in differ- ent industries. By incorporating such automated anal- ysis and forecasting into the design of cyber security exercises, organisations can simulate real-world scenar- ios more accurately and assess their ability to respond to emerging threats. Fundamentally, our approach en- hances the effectiveness of cyber security exercises by tailoring the scenarios to reflect the elements that are more relevant and timely to the sector of the targeted organisation, thereby enhancing its preparedness for cy- ber attacks. To assess the efficacy of our forecasting methodology, we conducted a survey with domain ex- perts and report their feedback and evaluation of the proposed methodology.

Keywords Cyber security exercise scenarios, Machine learning, Threat intelligence, Threat forecasting