research-article

Mission-Centric Risk Assessment to Improve Cyber Situational Awareness

Authors:

F. R. L. Silva,

P. JacobAuthors Info & Claims

ARES '18: Proceedings of the 13th International Conference on Availability, Reliability and Security

Article No.: 56, Pages 1 - 8

https://doi.org/10.1145/3230833.3233281

Published: 27 August 2018 Publication History

Abstract

Cyber situational awareness has become increasingly important for proactive risk management to help detect and mitigate cyber attacks. Being aware of the importance of individual information system assets to the goal or mission of the organisation is critical to help minimise enterprise risk. However current risk assessment methodologies do not give explicit support to assess mission related asset criticality. This paper describes ongoing efforts within the H2020 PROTECTIVE project to define a practical mission-centric risk assessment methodology for use across diverse organisation types.

References

[1]

Christopher J. Alberts, Audrey J. Dorofee, James F. Stevens, and Carol Woody. 2001. Introduction to the OCTAVE Approach. Retrieved may 20, 2018 from https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=51546

[2]

Richard A Caralli, James F Stevens, Lisa R Young, and William R Wilson. 2007. Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process.

[3]

Protective Consortium. 2018. PROTECTIVE: Proactive Risk Management through Improved Cyber Situational Awareness. Retrieved May 20, 2018 from https://protective-h2020.eu

[4]

J. Dai, X. Sun, P. Liu, and N. Giacobe. 2012. Gaining Big Picture Awareness through an Interconnected Cross-layer Situation Knowledge Reference Model. In IEEE International Conference on Cyber Security ICCS 2012.

Digital Library

[5]

A. K. A. de Medeiros, W. M. P. van der Aalst, and A.J. M. M. Weijters. 2003. Workflow mining: Current status and future directions. On The Move to Meaningful Internet Systems. In Proceedings of CoopIS, DOA, and ODBASE. Rhodes, Greece.

[6]

A. DeAmico, L. Buchanan, J. Goodall, and P. Walczak. 2010. Mission Impact of Cyber Events: Scenarios and Ontology to Express the Relationships between Cyber Assets, Mission and Users. In Fifth International Conference on Information Warfare and Security. Ohio.

[7]

Gerry Dickinson. 2001. Enterprise Risk Management: Its Origins and Conceptual Foundation. Geneva Papers on Risk and Insurance - Issues and Practice 26, 3 (jul 2001), 360--366.

[8]

S. Noel et al. 2011. Analyzing Mission Impacts of Cyber Actions (AMICA). In Proceedings of the Workshop: Assessing Mission Impact of Cyberattacks (NATO IST-128). NATO, Istanbul, Turkey, 80--86.

[9]

X. Chen et al. 2008. Automating network application dependency discovery: Experiences, limitations, and new solutions. In Proceedings of the 8th USENIX conference on Operating systems design and implementation. 117--130.

Digital Library

[10]

M.R. Grimalia and L. W. Fortso. 2007. Towards an Information Asset-Based Defensive Cyber Damage Assessment Process. In IEEE Symposium on Computational Intelligence in Security and Defence Applications. Honolulu.

[11]

J. Guion and M. Reith. 2017. Cyber Terrain Mission Mapping Tools and Methodologies. In Proceedings of the 2017 International Conference on Cyber Conflict (CyCon U.S.). Denver, 21--26.

[12]

W. Heinbockel, S. Noel, and J. Curbo. 2016. Mission Dependency Modeling for Cyber Situational Awareness. In Proceedings of the Cyber Defence Situation Awareness (STO-MP-IST-148). NATO, Sofia, Bulgaria.

[13]

igrafx.com. {n. d.}. iGrafx process modelling tool. Retrieved June 7, 2018 from www.igrafx.com

[14]

ISO. 2011. Information Technology-Security techniques-Information security risk management,.

[15]

G. Jakobson. 2011. Mission Cyber Security Situation Assessment Using Impact Dependency Graphs. In 4th International Conference on Information Fusion. Chicago.

[16]

A. Kott, C. Wang, and R. F. Erbacher. 2014. Cyber Defense and Situational Awareness (1st. ed.). Springer, Switzerland.

Digital Library

[17]

Donald L. Buckshaw, Gregory Parnell, Willard L. Unkenholz, Donald L. Parks, James M. Wallner, and O Saydjari. 2005. Mission Oriented Risk and Design Analysis of Critical Information Systems. 10 (March 2005).

[18]

S. Musman, M. Tanner, A. Temin, M. Elsaesser, and L. Loren. 2011. Computing the Impact of Cyber Attacks on Complex Missions. In Proc. Intl. Systems Conference (SysCon). Montreal.

[19]

NIST. 2011. Managing Information Security Risk. NIST SP 800-39 (March 2011).

[20]

NIST. 2012. Guide for Conducting Risk Assessments - Information Security.

[21]

X. Sun, A. Singhal, and P. Liu. 2015. Who Touched My Mission: Towards probabilistic Mission Impact Assessment. In Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense. Denver, 21--26.

Digital Library

[22]

US-CERT. {n. d.}. Asset Management. https://www.us-cert.gov/sites/default/files/c3vp/crr_resources_guides/CRR_Resource_Guide-AM.pdf

[23]

J. Watters, S. Morrisey, D. Bodeau, and S.C. Powers. 2009. The Risk-to-Mission Assessment Process (RiskMAP): A Sensitivity Analysis and an Extension to Treat Confidentiality Issues. Mitre Corp. Technical Report 09-2994 (2009).

Cited By

Smyrlis MFloros EBasdekis IPrelipcean DSotiropoulos ADebar HZarras ASpanoudakis G(2024)RAMA: a risk assessment solution for healthcare organizationsInternational Journal of Information Security10.1007/s10207-024-00820-423:3(1821-1838)Online publication date: 1-Mar-2024
https://doi.org/10.1007/s10207-024-00820-4
Bergström EAndersson SLundgren M(2024)To Risk Analyse, or Not to Risk Analyse: That’s the QuestionHuman Aspects of Information Security and Assurance10.1007/978-3-031-72559-3_8(107-119)Online publication date: 28-Nov-2024
https://doi.org/10.1007/978-3-031-72559-3_8
Sadlek LČeleda P(2024)Cyber Key Terrain Identification Using Adjusted PageRank CentralityICT Systems Security and Privacy Protection10.1007/978-3-031-56326-3_21(293-306)Online publication date: 24-Apr-2024
https://doi.org/10.1007/978-3-031-56326-3_21
Show More Cited By

Recommendations

Framework for risk assessment in cyber situational awareness

A large number of data is generated to help network analysts to evaluate the network security situation in traditional detection and prevention measures, but it is not used fully and effectively, there is not a holistic view of the network situation on it ...
Security Evaluation for Cyber Situational Awareness
HPCC '14: Proceedings of the 2014 IEEE Intl Conf on High Performance Computing and Communications, 2014 IEEE 6th Intl Symp on Cyberspace Safety and Security, 2014 IEEE 11th Intl Conf on Embedded Software and Syst (HPCC,CSS,ICESS)

The paper considers techniques for measurement and calculation of security metrics taking into account attack graphs and service dependencies. The techniques are based on several assessment levels (topological, attack graph level, attacker level, events ...
Cyber Risk Assessment for Insurability Verification
PECCS 2018: Proceedings of the 8th International Joint Conference on Pervasive and Embedded Computing and Communication Systems

Nowadays, cyber-risks are an important aspect on the business agenda in every company, but they are difficult to analyse. Cyber-insurance is considered as appropriate means to absorb financial losses caused by computer security breaches. Cyber security ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

ARES '18: Proceedings of the 13th International Conference on Availability, Reliability and Security

August 2018

603 pages

ISBN:9781450364485

DOI:10.1145/3230833

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

In-Cooperation

Universität Hamburg: Universität Hamburg

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 August 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Funding Sources

H2020 Leadership in Enabling and Industrial Technologies

Conference

ARES 2018

ARES 2018: International Conference on Availability, Reliability and Security

August 27 - 30, 2018

Hamburg, Germany

Acceptance Rates

ARES '18 Paper Acceptance Rate 128 of 260 submissions, 49%;

Overall Acceptance Rate 228 of 451 submissions, 51%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

11
Total Citations
View Citations
371
Total Downloads

Downloads (Last 12 months)27
Downloads (Last 6 weeks)2

Reflects downloads up to 09 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Smyrlis MFloros EBasdekis IPrelipcean DSotiropoulos ADebar HZarras ASpanoudakis G(2024)RAMA: a risk assessment solution for healthcare organizationsInternational Journal of Information Security10.1007/s10207-024-00820-423:3(1821-1838)Online publication date: 1-Mar-2024
https://doi.org/10.1007/s10207-024-00820-4
Bergström EAndersson SLundgren M(2024)To Risk Analyse, or Not to Risk Analyse: That’s the QuestionHuman Aspects of Information Security and Assurance10.1007/978-3-031-72559-3_8(107-119)Online publication date: 28-Nov-2024
https://doi.org/10.1007/978-3-031-72559-3_8
Sadlek LČeleda P(2024)Cyber Key Terrain Identification Using Adjusted PageRank CentralityICT Systems Security and Privacy Protection10.1007/978-3-031-56326-3_21(293-306)Online publication date: 24-Apr-2024
https://doi.org/10.1007/978-3-031-56326-3_21
Fauzi RSembiring J(2023)A Review on Information Security Risk Assessment of Smart Systems: Risk Landscape, Challenges, and Prospective Methods2023 10th International Conference on ICT for Smart Society (ICISS)10.1109/ICISS59129.2023.10291306(1-6)Online publication date: 6-Sep-2023
https://doi.org/10.1109/ICISS59129.2023.10291306
Chaudhary SGkioulos VKatsikas S(2023)A quest for research and knowledge gaps in cybersecurity awareness for small and medium-sized enterprisesComputer Science Review10.1016/j.cosrev.2023.10059250(100592)Online publication date: Nov-2023
https://doi.org/10.1016/j.cosrev.2023.100592
Hannou FRihany MLammari NHamdi FMimouni NAtigui FSi-Said Cherfi STourron P(2022)Semantic-Based Approach for Cyber-Physical Cascading Effects Within Healthcare InfrastructuresIEEE Access10.1109/ACCESS.2022.317125210(53398-53417)Online publication date: 2022
https://doi.org/10.1109/ACCESS.2022.3171252
Javorník MHusák M(2022)Mission‐centric decision support in cybersecurity via Bayesian Privilege Attack GraphEngineering Reports10.1002/eng2.125384:12Online publication date: 9-Jun-2022
https://doi.org/10.1002/eng2.12538
Sotelo Monge MMaestre Vidal JMedenou Choumanof R(2021)Adaptive Mitigation of Tactical Denial of SustainabilityProceedings of the 16th International Conference on Availability, Reliability and Security10.1145/3465481.3470084(1-9)Online publication date: 17-Aug-2021
https://dl.acm.org/doi/10.1145/3465481.3470084
Hannou FAtigui FLammari NCherfi S(2021)SafecareOnto: A Cyber-Physical Security Ontology for Healthcare SystemsDatabase and Expert Systems Applications10.1007/978-3-030-86475-0_3(22-34)Online publication date: 1-Sep-2021
https://doi.org/10.1007/978-3-030-86475-0_3
Javorník MKomárková JSadlek LHusák M(2020)Decision Support for Mission-Centric Network Security ManagementNOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium10.1109/NOMS47738.2020.9110261(1-6)Online publication date: 20-Apr-2020
https://dl.acm.org/doi/10.1109/NOMS47738.2020.9110261
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten