Given the increasing frequency and severity of cyber attacks on information systems of all kinds, there is interest in rationalized approaches for selecting the “best” set of cybersecurity mitigations. However, what is best for one target environment is not necessarily best for another. This paper examines an approach to the selection that uses a set of weighted criteria, where the security engineer sets the weights based on organizational priorities and constraints. The approach is based on a capability-based representation for defensive solutions. The paper discusses a group of artifacts that compose the approach through the lens of Design Science research and reports performance results of an instantiation artifact
Intelligent classification systems proved their merits in different fields including cybersecurity. ...
Critical infrastructures must be able to mitigate, at runtime, suspected ongoing cyberattacks that h...
During the last decade the techniques and tools of cyber attacks have become more sophisticated, the...
Given the increasing frequency and severity of cyber attacks on information systems of all kinds, th...
Cyber systems are ubiquitous in all aspects of society. At the same time, breaches to cyber systems ...
The use of information has dramatically changed over the past decade. In addition to traditional cyb...
With the increasing exposure and vulnerability to cyber attacks, it becomes necessary to develop met...
The relentless and often haphazard process of tracking and remediating vulnerabilities is a top conc...
Background: Cybersecurity has risen to international importance. Almost every organization will fall...
The new opportunities that come with the Internet as a worldwide network bring the new threats and r...
Cyber-enabled systems are increasingly ubiquitous and interconnected, showing up in traditional ente...
Kiesling E, Ekelhart A, Grill B, Strauss C, Stummer C. Selecting security control portfolios: A mult...
Abstract— An article herein presents an optimization model, designated for computational core of dec...
When investing in cyber security resources, information security managers have to follow effective d...
Critical infrastructures are increasingly reliant on information and communications technology (ICT)...
Intelligent classification systems proved their merits in different fields including cybersecurity. ...
Critical infrastructures must be able to mitigate, at runtime, suspected ongoing cyberattacks that h...
During the last decade the techniques and tools of cyber attacks have become more sophisticated, the...
Given the increasing frequency and severity of cyber attacks on information systems of all kinds, th...
Cyber systems are ubiquitous in all aspects of society. At the same time, breaches to cyber systems ...
The use of information has dramatically changed over the past decade. In addition to traditional cyb...
With the increasing exposure and vulnerability to cyber attacks, it becomes necessary to develop met...
The relentless and often haphazard process of tracking and remediating vulnerabilities is a top conc...
Background: Cybersecurity has risen to international importance. Almost every organization will fall...
The new opportunities that come with the Internet as a worldwide network bring the new threats and r...
Cyber-enabled systems are increasingly ubiquitous and interconnected, showing up in traditional ente...
Kiesling E, Ekelhart A, Grill B, Strauss C, Stummer C. Selecting security control portfolios: A mult...
Abstract— An article herein presents an optimization model, designated for computational core of dec...
When investing in cyber security resources, information security managers have to follow effective d...
Critical infrastructures are increasingly reliant on information and communications technology (ICT)...
Intelligent classification systems proved their merits in different fields including cybersecurity. ...
Critical infrastructures must be able to mitigate, at runtime, suspected ongoing cyberattacks that h...
During the last decade the techniques and tools of cyber attacks have become more sophisticated, the...