Action Recommendation for Cyber Resilience

Choudhury, Sutanay; Rodriguez, Luke; Curtis, Darren; Oler, Kiri; Nordquist, Peter; Chen, Pin-Yu; Ray, Indrajit

doi:10.1145/2809826.2809837

Cited by 12 publications

(4 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[70]. Sutanay Choudhury et al introduced a straightforward and deterministic graph-based model that depicts the infrastructure, behavior, and missions of an enterprise, serving as a means to attain resilience against failures and attacks [71].…”

Section: Mapping the Landscape Of Cyber Resilience Research: A Review...mentioning

confidence: 99%

Tracing the evolution of cyber resilience: a historical and conceptual review

Tzavara,

Vassiliadis

2024

Int. J. Inf. Secur.

View full text Add to dashboard Cite

In 2000, during a time when cyber security research was focused on the risks and threats posed by digital systems, the notion of being able to withstand and recover from cyber attacks, also known as cyber resilience, emerged. Recently, this concept has gained increasing attention due to the COVID-19 pandemic and the rapid acceleration of digitalization. While experts acknowledge the distinction between cyber security and cyber resilience, the exact definition and evolution of the latter remain somewhat ambiguous. The aim of this paper is to offer a thorough comprehension of how the notion of cyber resilience has developed throughout history. It delves into the concept of cyber resilience and its progression over time in response to the rising frequency and complexity of cyber threats. Cyber resilience, a new concept, has gained significant recognition as a critical component of cyber security strategy across diverse sectors, encompassing public and private domains alike. It begins with an overview of the definition and key components of cyber resilience and then traces the origin of the concept from its early development in the 2000s. The paper also explores the major milestones and events that have shaped the evolution of this capacity, including changes in technology and societal factors, up to the COVID-19 pandemic outbreak. This study provides valuable insights into future challenges for ensuring the continued resilience of digital infrastructure by examining the historical and contextual factors that have influenced the concept.

show abstract

Section: Mapping the Landscape Of Cyber Resilience Research: A Review...mentioning

confidence: 99%

Tracing the evolution of cyber resilience: a historical and conceptual review

Tzavara,

Vassiliadis

2024

Int. J. Inf. Secur.

View full text Add to dashboard Cite

show abstract

“…Research projects conducted in recent years have helped companies develop frameworks to build resilience against cyber threats. This framework emphasizes goals such as anticipating, defending, recovering, and adapting to reduce the effects of actual or anticipated cyber threats and adapt to changes in mission and business operations [39,40]. The framework provides a step-by-step guide that companies can follow to build resilience against cyber threats [41].…”

Section: Cyber Resilience Frameworkmentioning

confidence: 99%

Counterattacking Cyber Threats: A Framework for the Future of Cybersecurity

Safitra,

Lubis,

Fakhrurroja

2023

Sustainability

View full text Add to dashboard Cite

Amidst the rapid advancements in the digital landscape, the convergence of digitization and cyber threats presents new challenges for organizational security. This article presents a comprehensive framework that aims to shape the future of cyber security. This framework responds to the complexities of modern cyber threats and provides guidance to organizations to enhance their resilience. The primary focus lies in the integration of capabilities with resilience. By combining these elements into cyber security practices, organizations can improve their ability to predict, mitigate, respond to, and recover from cyber disasters. This article emphasizes the importance of organizational leadership, accountability, and innovation in achieving cyber resilience. As cyber threat challenges continue to evolve, this framework offers strategic guidance to address the intricate dynamics between digitization and cyber security, moving towards a safer and more robust digital environment in the future.

show abstract

“…Additionally, papers considering reactive response and recovery apply to narrow settings which do not apply to our work. For example, the approaches by [4,21] only apply to settings where a control action to correct for a deviation from desired performance is easy to determine in advance, and to apply automatically.…”

Section: Related Workmentioning

confidence: 99%

Efficient Attack Countermeasure Selection Accounting for Recovery and Action Costs

Soikkeli

Muñoz-González

Lupu

2019

Proceedings of the 14th International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

The losses arising from a system being hit by cyber attacks can be staggeringly high, but defending against such attacks can also be costly. This work proposes an attack countermeasure selection approach based on cost impact analysis that takes into account the impacts of actions by both the attacker and the defender.We consider a networked system providing services whose provision depends on other components in the network. We model the costs and losses to service availability from compromises and defensive actions to the components, and show that while containment of the attack can be an effective defensive strategy, it can be more cost-efficient to allow parts of the attack to continue further whilst focusing on recovering services to a functional state. Based on this insight, we build a countermeasure selection method that chooses the most cost-effective action based on its impact on expected losses and costs over a given time horizon. Our method is evaluated using simulations in synthetic graphs representing network dependencies and vulnerabilities, and found to perform well in comparison to alternatives.

show abstract

Action Recommendation for Cyber Resilience

Cited by 12 publications

References 9 publications

Tracing the evolution of cyber resilience: a historical and conceptual review

Tracing the evolution of cyber resilience: a historical and conceptual review

Counterattacking Cyber Threats: A Framework for the Future of Cybersecurity

Efficient Attack Countermeasure Selection Accounting for Recovery and Action Costs

Contact Info

Product

Resources

About