User:T0b0rx0r/Choose an Article

Article Selection
Please list articles that you're considering for your Wikipedia assignment below. Begin to critique these articles and find relevant sources.

Option 1

 * Article title
 * Supply chain cyber security


 * Article Evaluation
 * Article not written in a neutral tone. While the topic is broad "supply chain cyber security", the definition provided in within the article asserts the topic is about enhancing cyber security efforts.  Based on wiki guidelines it would be assumed the article should discuss the nature of the supply chain as it relates to cyber security, examples of a cyber security supply chain, threats to the supply chain as well as efforts to secure it.
 * Article contains limited peer reviewed references. The article contains 3 references in total, 1 peer reviewed, 1 from a consultant  and 1 from a online magazine.  Based on wiki guidelines a broader set of references could be used to establish the theory, historical context and modern relevance.


 * Sources
 * Boyens, J., Paulsen, C., Bartol, N., Winkler, K., & Gimbi, J. (2020). Case Studies in Cyber Supply Chain Risk Management Summary of Findings and Recommendations.  Retrieved from https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.02042020-1.pdf
 * FAWCETT, S. E., WALLIN, C., ALLRED, C., FAWCETT, A. M., & MAGNAN, G. M. (2011). Information Technology as an Enabler of Supply Chain Collaboration: A Dynamic-Capabilities Perspective. 47. Retrieved from https://onlinelibrary.wiley.com/doi/epdf/10.1111/j.1745-493X.2010.03213.x
 * National Institute of Standards and Technology. (n.d.-a). Best Practices in Cyber Supply Chain Risk Management                https://csrc.nist.gov/CSRC/media/Projects/Supply-Chain-Risk-Management/documents/briefings/Workshop-Brief-on-Cyber-Supply-Chain-Best-Practices.pdf National Institute of Standards and Technology. (n.d.-b). Workshop Brief on Cyber SCRM Business Case.  Retrieved from https://csrc.nist.gov/CSRC/media/Projects/Supply-Chain-Risk-Management/documents/briefings/Workshop-Brief-on-Cyber-SCRM-Business-Case.pdf

Option 2

 * Article title
 * Cyber insurance


 * Article Evaluation
 * Limited use of citations. A flag at the start of the article notes its lack of citations.  Several sections appear to be uncited as well as factually incorrect.
 * Article contains poor content. The articles contains some content that appears to be wrong while other content while factually accurate is irrelevant to the topic.
 * Disjointed tone. The article has clearly been written by multiple parties and suffers for poor diction, grammatical mistakes and uneven flow in some areas.


 * Sources
 * Cybersecurity & Infrastructure Security Agency. (n.d.). Cybersecurity Insurance. Retrieved from https://www.cisa.gov/cybersecurity-insurance
 * D.Bodin, L., A.Gordonb, L., P.Loebb, M., & AlunaWangc. (2018). Cybersecurity insurance and risk-sharing. Journal of Accounting and Public Policy, 37(6), 527-544. doi: https://doi.org/10.1016/j.jaccpubpol.2018.10.004
 * Marotta, A., Martinelli, F., Nanni, S., Orlando, A., & Yautsiukhin, A. (2017). Cyber-insurance survey. Computer Science Review. doi: http://dx.doi.org/10.1016/j.cosrev.2017.01.001 Meland, P. H., Tondel, I. A., & Solhaug, B. (2015). Mitigating Risk with Cyberinsurance. IEEE Security & Privacy, 13(6), 38-43. doi:10.1109/MSP.2015.137

Option 3

 * Article title
 * Cyber Threat Intelligence


 * Article Evaluation
 * Article suffers from limited content. The article is very short for a topic where numerous books have been written and a multi billion dollar industry exists.  Critical topics on SKRAM, intelligence sharing and methodologies on how to analyze CTI are not present.
 * The article's text is disjointed. The article has clearly been written my multiple parties at different times as the material contains sections that are somewhat incoherent.


 * Sources
 * Barnum, S. (2014). Standardizing Cyber Threat Intelligence Information with the Structured Threat Information eXpression (STIX™). Retrieved from http://www.standardscoordination.org/sites/default/files/docs/STIX_Whitepaper_v1.1.pdf
 * Samtani, S., Abate, M., Benjamin, V. A., & Li, W. (2019). Cybersecurity as an Industry: A Cyber Threat Intelligence Perspective.

Option 4

 * Article title
 * Lockheed Martin Cyber Kill Chain (new article)


 * Article Evaluation
 * Much to my surprise, the seminal work of the Lockheed Martin Cyber Kill does not have an article within Wikipedia. The Lockheed Martin Cyber Kill Chain is a methodology for describing the stages of cyber intrusion with the goal of preventing attacks.  A very notable topic, the CKC is the foundation from more modern works such as the MITRE Attack framework.


 * Sources
 * Hutchins, E. M., Cloppert, M. J., & Amin, R. M. (2011). Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Paper presented at the Proceedings of the 6th International Conference on Information Warfare and Security.
 * Dargahi, T., Dehghantanha, A., Bahrami, P. N., Conti, M., Bianchi, G., & Benedetto, L. (2019). A Cyber-Kill-Chain based taxonomy of crypto-ransomware features. Journal of Computer Virology and Hacking Techniques. doi: https://doi.org/10.1007/s11416-019-00338-7

Option 5

 * Article title
 * Cyber Threat Information Sharing (new article)


 * Article Evaluation
 * This is another topic which surprisingly did not have a dedicated article. Cyber Threat Information Sharing is the topic that the 2015 U.S. federal legislation "Cybersecurity Information Sharing Act" was based on.  This is a notable subject domain as it underpins a critical industry within cyber security.  CTI sharing pertains the methodology and necessity for sharing critical indicators of compromise between organizations with the goal of increasing defensive efficacy.


 * Sources
 * Johnson, C., Badger, L., Waltermire, D., Snyder, J., & Skorupka, C. (2016). Guide to Cyber Threat Information Sharing. Retrieved from https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-150.pdf
 * Mohaisen, A., Al-Ibrahim, O., Kamhoua, C., Kwiat, K., & Njilla, L. (2017). Rethinking information sharing for threat intelligence. Paper presented at the Proceedings of the fifth ACM/IEEE Workshop on Hot Topics in Web Systems and Technologies, San Jose, California. https://doi.org/10.1145/3132465.3132468
 * Zrahia, A. (2018). Threat intelligence sharing between cybersecurity vendors: Network, dyadic, and agent views. Journal of Cybersecurity, 4(1). doi:10.1093/cybsec/tyy008