<![CDATA[In 2021 and 2022, the stakeholder response rate to notifications sent by BSSN was only 9% of the total notifications delivered. In establishing the Nat-CSIRT, BSSN needs to implement breakthroughs to increase the number of responses and follow-ups to these notifications, thereby enhancing situational awareness and strengthening the national cybersecurity posture. Therefore, the role of Nat-CSIRT is crucial in optimizing threat intelligence sharing at the national level. The implementation of threat intelligence sharing has been mandated by various national and organizational policies, which underscores the urgency of executing the established policy directions. This paper focuses on strategies for the role of Nat-CSIRT in the implementation of national-level threat intelligence sharing by delving into the root causes of the suboptimal sharing using a problem tree analysis. Furthermore, the paper determines the strategic optimization of Nat-CSIRT’s role through a SWOT analysis, resulting in a strategy that leverages strengths to seize opportunities (S-O Strategy). This strategy is carried out through a three-phase action plan—short-term, medium-term, and long-term—targeting the development of human resources, governance, and technology. In addition, the paper presents a model for a national-level threat intelligence sharing scheme for the National Cyber Threat Intelligence System and National Cyber Incident Database Center, enabling stakeholders to automatically implement standardized information exchange in a secure, swift, and accurate manner, while applying the Traffic Light Protocol. This approach is expected to lead to more effective cyber threat response and mitigation.]]>
Copyrights © 2025
