Cyber Security Cartographies: CySeCa

网络安全制图：CySeCa

• 批准号: EP/K006266/1
• 负责人: Lizzie Coles-Kemp
• 金额: $ 96万
• 依托单位: Royal Holloway University of London
• 依托单位国家: 英国
• 项目类别: Research Grant
• 财政年份: 2012
• 资助国家: 英国
• 起止时间: 2012 至 无数据
• 项目状态: 已结题
• 来源: https://gtr.ukri.org/projects?ref=EP%2FK006266%2F1
• 关键词: Cyber; Security; Cartographies; CySeCa

"The growth of the internet has been the biggest social and technological change of my lifetime [...] It will have a huge role to play in supporting sustainable development in poorer countries. At the same time our increasing dependence on cyber space has brought new risks, risks that key data and systems on which we now rely can be compromised or damaged, in ways that are hard to detect or defend against." Francis Maude - UK Cyber Security Strategy. In the cyber environment the balance between benefit and harm so clearly articulated by Francis Maude can also be found at the organisational, as well as national and global, level. Cyber space enables many opportunities and provides an environment in which businesses can diversify and tailor their services. At the same time, this range of opportunities also creates critical vulnerabilities to attack or exploit. In order to protect their estate security managers combine organisational , physical and technical controls to provide robust information asset protection. Control lists such as the one found in Annex A of ISO 27001 have long acknowledged the need for the three types of controls but no security management methods are available to systematically combine them. In the complex cyber environment a security manager has limited visibility of technical, physical and organisational compliance behaviours and controls and this makes it difficult to know when and how to select and combine controls. Research has, to date, not been undertaken to understand how a security manager selects the appropriate control combination. In addition, risk management techniques do not include visualisation methods that can present a combined picture of organisational and technical asset compliance behaviours. This problem is exacerbated by the lack of systematic research of the cultural and organisational techniques used by security managers resulting in limited guidance on cultural and organisational security management approaches. In order to respond to this problem, we plan to:- Explore how a security manager develops, maintains and uses visibility of both organisational and asset compliance behaviours for the management of cyber security risks.- Better understand how organisational controls and technical controls are used in combination. - Evaluate the use of different visualisations in the risk management process as a means to extend a security manager's ability to deploy combinations of organisational and technical controls in the cyber context.The research will combine a novel application of social network analysis, apply and develop anomaly detection techniques at the technical asset cluster level and integrate interpretive cartography with informational cartography.In exploring this practical security management problem, we aim to develop a socio-technical research design in which organisational and network security research techniques can both be deployed in their own research paradigm and use visualisation techniques to systematically synthesise the outputs into a robust socio-technical response. The planned outputs and deliverables from the CySeCa research are:- Methods for combining and evaluating combinations of technical and organisational security controls- Methods and design principles for visualising and analysing combined organisational and technical compliance behaviours- Use cases and case study reports

“互联网的发展是我一生中最大的社会和技术变革。它将在支持较贫穷国家的可持续发展方面发挥巨大作用。与此同时，我们对网络空间的日益依赖带来了新的风险，我们现在所依赖的关键数据和系统可能会以难以检测或防御的方式受到损害或损坏。“弗朗西斯莫德-英国网络安全战略。在网络环境中，弗朗西斯·莫德如此明确地阐述的利益与伤害之间的平衡也可以在组织、国家和全球层面上找到。网络空间提供了许多机会，并提供了一个环境，使企业可以多样化和定制其服务。与此同时，这一系列机会也产生了可供攻击或利用的关键漏洞。为了保护其资产安全，联合收割机将组织、物理和技术控制相结合，以提供强大的信息资产保护。诸如ISO 27001附件A中的控制清单之类的控制清单早就承认需要这三种类型的控制，但没有安全管理方法可以系统地将它们联合收割机结合起来。在复杂的网络环境中，安全管理人员对技术、物理和组织合规行为和控制的可见性有限，这使得难以了解何时以及如何选择和联合收割机控制。迄今为止，还没有进行研究来了解安全管理人员如何选择适当的控制组合。此外，风险管理技术不包括可以呈现组织和技术资产合规行为组合画面的可视化方法。由于缺乏对安全管理人员使用的文化和组织技术的系统研究，导致对文化和组织安全管理方法的指导有限，这一问题更加严重。 为了应对这一问题，我们计划：-探索安全经理如何开发，维护和使用组织和资产合规行为的可见性，以管理网络安全风险。更好地了解如何结合使用组织控制和技术控制。- 评估在风险管理过程中使用不同的可视化，作为一种手段，以扩展安全经理在网络环境中部署组织和技术控制组合的能力。该研究将联合收割机结合社交网络分析的新应用，在技术资产集群级别应用和开发异常检测技术，并将解释性制图与信息制图相结合。管理问题，我们的目标是开发一个社会技术研究设计，其中组织和网络安全研究技术都可以部署在自己的研究范式，并使用可视化技术，系统地合成输出到一个强大的社会技术响应。CySeCa研究的计划产出和可交付成果是：-结合和评估技术和组织安全控制组合的方法-可视化和分析组合的组织和技术合规行为的方法和设计原则-用例和案例研究报告

项目成果

The regulatory challenges of Australian information security practice

澳大利亚信息安全实践的监管挑战

• DOI: 10.1016/j.clsr.2016.05.004
• 发表时间: 2016
• 期刊: Computer Law & Security Review
• 影响因子: 2.9
• 作者: Burdon M

Digital Enlightenment Yearbook 2014: Social Networks and Social Machines, Surveillance and Empowerment

2014 年数字启蒙年鉴：社交网络和社交机器、监控和赋权

• 发表时间: 2014
• 作者: Coles-Kemp, L.,

Who says personas can't dance?

谁说人物不能跳舞？

• DOI: 10.1145/2559206.2581323
• 发表时间: 2014
• 作者: Lewis M

Transcend: Detecting Concept Drift in Malware Classification Models

• 发表时间: 2017
• 作者: Roberto Jordaney;K. Sharad;Santanu Kumar Dash;Zhi Wang;D. Papini;I. Nouretdinov;L. Cavallaro

A Tactile Visual Library To Support User Experience Storytelling

支持用户体验讲故事的触觉视觉库

• 发表时间: 2014
• 期刊: Proceedings of NordDesign 2014. Design Society, 2014
• 作者: Lewis M