CyberTOMP: A Novel Systematic Framework to Manage Asset-Focused Cybersecurity From Tactical and Operational Levels

The increase in frequency and complexity of cyberattacks has heightened concerns regarding cybersecurity and created an urgent need for organizations to take action. To effectively address this challenge, a comprehensive and integrated approach is required involving a cross-functional cybersecurity workforce that spans tactical and operational levels. In this context there can be various combinations of cybersecurity actions that affect different functional domains and that allow for meeting the established requirements. In these cases, agreement will be needed, but finding high-quality combinations requires analysis from all perspectives on a case-by-case basis. With a large number of cybersecurity factors to consider, the size of the search space of potential combinations becomes unmanageable without automation. To solve this issue, we propose Fast, Lightweight, and Efficient Cybersecurity Optimization (FLECO), an adaptive, constrained, and multi-objective genetic algorithm that reduces the time required to identify sets of high-quality cybersecurity actions. FLECO enables productive discussions on viable solutions by the cross-functional cybersecurity workforce within an organization, fostering managing meetings where decisions are taken and boosting the overall cybersecurity management process. Our proposal is novel in its application of evolutionary computing to solve a managerial issue in cybersecurity and enhance the tactical–operational cybersecurity management process.

show abstract

Boosting Holistic Cybersecurity Awareness with Outsourced Wide-Scope CyberSOC: A Generalization from a Spanish Public Organization Study

Domínguez-Dorado,

Rodríguez-Pérez,

Carmona-Murillo

et al. 2023

Information

View full text Add to dashboard Cite

Public sector organizations are facing an escalating challenge with the increasing volume and complexity of cyberattacks, which disrupt essential public services and jeopardize citizen data and privacy. Effective cybersecurity management has become an urgent necessity. To combat these threats comprehensively, the active involvement of all functional areas is crucial, necessitating a heightened holistic cybersecurity awareness among tactical and operational teams responsible for implementing security measures. Public entities face various challenges in maintaining this awareness, including difficulties in building a skilled cybersecurity workforce, coordinating mixed internal and external teams, and adapting to the outsourcing trend, which includes cybersecurity operations centers (CyberSOCs). Our research began with an extensive literature analysis to expand our insights derived from previous works, followed by a Spanish case study in collaboration with a digitization-focused public organization. The study revealed common features shared by public organizations globally. Collaborating with this public entity, we developed strategies tailored to its characteristics and transferrable to other public organizations. As a result, we propose the “Wide-Scope CyberSOC” as an innovative outsourced solution to enhance holistic awareness among the cross-functional cybersecurity team and facilitate comprehensive cybersecurity adoption within public organizations. We have also documented essential requirements for public entities when contracting Wide-Scope CyberSOC services to ensure alignment with their specific needs, accompanied by a management framework for seamless operation.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

CyberTOMP: A Novel Systematic Framework to Manage Asset-Focused Cybersecurity From Tactical and Operational Levels

Cited by 3 publications

References 42 publications

FLECO: A tool to boost the adoption of holistic cybersecurity management

FLECO: A tool to boost the adoption of holistic cybersecurity management

Fast, Lightweight, and Efficient Cybersecurity Optimization for Tactical–Operational Management

Boosting Holistic Cybersecurity Awareness with Outsourced Wide-Scope CyberSOC: A Generalization from a Spanish Public Organization Study

Contact Info

Product

Resources

About