A collaborative cyber incident management system for European interconnected critical infrastructures

Settanni, Giuseppe; Skopik, Florian; Shovgenya, Yegor; Fiedler, Roman; Carolan, Mark; Conroy, Damien; Boettinger, Konstantin; Gall, Mark; Brost, Gerd; Ponchel, Christophe; Haustein, Mirko; Kaufmann, Helmut; Theuerkauf, Klaus; Olli, Pia

doi:10.1016/j.jisa.2016.05.005

Cited by 41 publications

(33 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We also identified further proposals of SOC architectures within the relevant literature, focusing on SOCs for specific use cases. Settani et al [47] describe the implementation of a SOC architecture for critical infrastructure providers. Tafazzoli and Grakani propose an architecture for processing events in an OpenStack environment to detect attacks in the cloud on a very superficial level [48].…”

Section: ) Technological Architectures and Designsmentioning

confidence: 99%

Security Operations Center: A Systematic Study and Open Challenges

et al. 2020

View full text Add to dashboard Cite

Section: ) Technological Architectures and Designsmentioning

confidence: 99%

Security Operations Center: A Systematic Study and Open Challenges

et al. 2020

View full text Add to dashboard Cite

“…The Security Controller is the smart entity that automates as much as possible all security workflows. According to on-going initiatives [8], the main role The second, and more challenging, is the derivation of the necessary information from an on-going attack or offline analysis [14,15]. While the former is already addressed by several standardization initiatives (e.g., STIX), the latter…”

Section: Security Controllermentioning

confidence: 99%

An architecture to manage security operations for digital service chains

Repetto

Carrega²,

Rapuzzi³

2021

Future Generation Computer Systems

View full text Add to dashboard Cite

Evolving business models are progressively pushing for increasing digitalization of existing and novel processes. The ICT industry is already addressing this need by massive introduction of virtualization paradigms and tight integration with the physical environment, which allow the creation of multi-domain and complex business service chains. Emerging technologies undoubtedly bring more agility in service deployment and operation but also break traditional security models, which have not been conceived for dynamic and multi-tenancy environments. In this paper, we briefly elaborate on existing gaps and research challenges towards advanced assurance and protection of trustworthy and reliable business chains spanning multiple administrative domains and heterogeneous infrastructures. We consolidate our analysis in a reference architecture, which includes all functional elements to effectively tackle the dynamic and agile nature of emerging ICT paradigms.

show abstract

“…In order to solve this problem, considering the choices of other users with similar systems, also through the use of new predictive algorithm, a solution is presented to the user. In the literature there are many examples of collaborative systems [25][26][27][28][29]. Our choice is different because in the software platform we implement algorithms able (i) to predict the user choices of risk values starting from what other users did before, (ii) understanding which users are more similar to the new one.…”

Section: Predictionmentioning

confidence: 99%

A Web Platform for Integrated Vulnerability Assessment and Cyber Risk Management

et al. 2019

View full text Add to dashboard Cite

Cyber risk management is a very important problem for every company connected to the internet. Usually, risk management is done considering only Risk Analysis without connecting it with Vulnerability Assessment, using external and expensive tools. In this paper we present CYber Risk Vulnerability Management (CYRVM)-a custom-made software platform devised to simplify and improve automation and continuity in cyber security assessment. CYRVM's main novelties are the combination, in a single and easy-to-use Web-based software platform, of an online Vulnerability Assessment tool within a Risk Analysis framework following the NIST 800-30 Risk Management guidelines and the integration of predictive solutions able to suggest to the user the risk rating and classification.

show abstract

A collaborative cyber incident management system for European interconnected critical infrastructures

Cited by 41 publications

References 8 publications

Security Operations Center: A Systematic Study and Open Challenges

Security Operations Center: A Systematic Study and Open Challenges

An architecture to manage security operations for digital service chains

A Web Platform for Integrated Vulnerability Assessment and Cyber Risk Management

Contact Info

Product

Resources

About