Scientific article
Open access

Efficient collective action for tackling time-critical cybersecurity threats

Published inJournal of Cybersecurity, vol. 9, no. 1, p. 13; tyad021
Publication date2023-01-01
First online date2023-11-07


The latency reduction between the discovery of vulnerabilities, the build-up, and the dissemination of cyberattacks has put significant pressure on cybersecurity professionals. For that, security researchers have increasingly resorted to collective action in order to reduce the time needed to characterize and tame outstanding threats. Here, we investigate how joining and contribution dynamics on Malware Information Sharing Platform (MISP), an open-source threat intelligence sharing platform, influence the time needed to collectively complete threat descriptions. We find that performance, defined as the capacity to characterize quickly a threat event, is influenced by (i) its own complexity (negatively), by (ii) collective action (positively), and by (iii) learning, information integration, and modularity (positively). Our results inform on how collective action can be organized at scale and in a modular way to overcome a large number of time-critical tasks, such as cybersecurity threats.

  • Cybersecurity
  • Information sharing
  • Collective action
  • Information integration
  • Economies of scales
  • Malware Information Sharing Platform (MISP)
Citation (ISO format)
GILLARD, Sébastien et al. Efficient collective action for tackling time-critical cybersecurity threats. In: Journal of Cybersecurity, 2023, vol. 9, n° 1, p. 13. doi: 10.1093/cybsec/tyad021
Main files (3)
Article (Published version)
Article (Published version)
Article (Published version)

Technical informations

Creation12/15/2023 7:07:26 AM
First validation12/18/2023 9:34:12 AM
Update time12/18/2023 9:34:12 AM
Status update12/18/2023 9:34:12 AM
Last indexation05/06/2024 5:37:11 PM
All rights reserved by Archive ouverte UNIGE and the University of GenevaunigeBlack