A Framework for Risk-Informed Metrics-Enriched Cybersecurity Playbooks for CNI Resilience

用于 CNI 弹性的风险知情指标丰富的网络安全手册框架

基本信息

  • 批准号:
    EP/V038710/1
  • 负责人:
  • 金额:
    $ 64.11万
  • 依托单位:
  • 依托单位国家:
    英国
  • 项目类别:
    Research Grant
  • 财政年份:
    2022
  • 资助国家:
    英国
  • 起止时间:
    2022 至 无数据
  • 项目状态:
    未结题

项目摘要

The ultimate goal of the project is to improve CNI resilience in the UK by enabling timely and efficient incident response. To achieve this, this project will deliver a Framework for creating Risk-Informed Metrics-enriched Playbooks for Critical National Infrastructure (FRIMP4CNI). We propose to approach incident response playbooks in a fundamentally different way. First, playbooks in this project are integrated into core CNI processes affected by an incident, showing how enacting a particular response affects core processes as well as interdependent processes. Second, our playbooks address more than technical actions, they look at aspects beyond technology, e.g. operational response, issues related to staff availability and costs, reporting process, political and communication response. Third, playbooks are risk-informed because each playbook has an associated risk model; and fourth, they are enriched with business-driven multifaceted metrics which reflect the changes that an incident inflicts on a core process. Fifth feature is that our playbooks are optimal: an optimisation algorithm is applied to a set of alternative response strategies to identify the optimal response playbook for each case. A combination of the features listed above makes our approach unique and allows our playbooks to serve both as an action guide enabling improved cybersecurity incident response and as a decision support tool at the Board level. The project has three key objectives:1. Create an empirically-grounded tool-supported actionable framework for developing bespoke risk-informed metrics-enriched cybersecurity playbooks tailored to the challenges of enhancing resilience in CNI by adopting and modelling incident response best practices in a format of integrated playbooks. 2. Design, implement and test software tools supporting the aspects of the framework related to process modelling, risk assessment and response strategy optimisation, and to integrate them into a comprehensive CNI Playbook Design Toolset. The project will deliver the full technology stack required to develop optimal risk-informed and metric-driven playbooks. Tool-support will increase the intention to use and facilitate faster adoption of the framework in practice. 3. Evaluate the framework using existing testbeds at the participating universities and industry partners, and via focus groups and workshops with industry partners and individual domain experts with a broad range of backgrounds and in varying roles from network engineers to ICS operators to Board members to policy makers. It is essential to conduct extensive evaluation with practitioners to ensure that the framework and tools are effective, accessible and fulfil the intended purposes for each group of stakeholders.
该项目的最终目标是通过及时有效的事件响应来提高英国CNI的弹性。为了实现这一目标,该项目将提供一个框架,用于为关键国家基础设施创建风险信息度量丰富的剧本(FRIMP 4CNI)。我们建议以一种完全不同的方式处理事件响应剧本。首先,本项目中的剧本被集成到受事件影响的核心CNI流程中,显示了制定特定响应如何影响核心流程以及相互依赖的流程。第二,我们的行动手册不仅涉及技术行动,还着眼于技术以外的方面,例如行动反应、与工作人员可用性和成本有关的问题、报告程序、政治和沟通反应。第三,行动手册是风险信息,因为每个行动手册都有一个相关的风险模型;第四,它们丰富了业务驱动的多方面指标,这些指标反映了事件对核心流程造成的变化。第五个特征是我们的剧本是最优的:将优化算法应用于一组替代响应策略,以确定每个案例的最优响应剧本。上述功能的组合使我们的方法独一无二,并使我们的行动手册既可作为行动指南,改善网络安全事件响应,又可作为董事会层面的决策支持工具。该项目有三个主要目标:1。创建一个基于实践的工具支持的可操作框架,用于开发定制的风险信息化指标丰富的网络安全剧本,通过采用和模拟集成剧本格式的事件响应最佳实践,针对增强CNI弹性的挑战量身定制。2.设计、实施和测试支持与流程建模、风险评估和响应策略优化相关的框架方面的软件工具,并将它们集成到全面的CNI剧本设计工具集中。该项目将提供开发最佳风险信息和指标驱动剧本所需的完整技术堆栈。工具支持将提高使用意愿,并促进在实践中更快地采用该框架。3.使用参与大学和行业合作伙伴的现有测试平台评估框架,并通过与行业合作伙伴和具有广泛背景的各个领域专家的焦点小组和研讨会,从网络工程师到ICS运营商,从董事会成员到政策制定者。必须与从业人员一起进行广泛的评估,以确保框架和工具有效、可获得并实现每个利益攸关方群体的预期目的。

项目成果

期刊论文数量(2)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)
Operations-informed incident response playbooks
以运营为依据的事件响应手册
  • DOI:
    10.1016/j.cose.2023.103454
  • 发表时间:
    2023
  • 期刊:
  • 影响因子:
    5.6
  • 作者:
    Shaked A
  • 通讯作者:
    Shaked A
Model-Based Incident Response Playbooks
基于模型的事件响应手册
  • DOI:
    10.1145/3538969.3538976
  • 发表时间:
    2022
  • 期刊:
  • 影响因子:
    0
  • 作者:
    Shaked A
  • 通讯作者:
    Shaked A
{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

数据更新时间:{{ journalArticles.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ monograph.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ sciAawards.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ conferencePapers.updateTime }}

{{ item.title }}
  • 作者:
    {{ item.author }}

数据更新时间:{{ patent.updateTime }}

Yulia Cherdantseva其他文献

Secure*BPMN : a graphical extension for BPMN 2.0 based on a reference model of information assurance & security
  • DOI:
  • 发表时间:
    2014-12
  • 期刊:
  • 影响因子:
    0
  • 作者:
    Yulia Cherdantseva
  • 通讯作者:
    Yulia Cherdantseva
Towards SecureBPMN - Aligning BPMN with the Information Assurance and Security Domain
迈向 SecureBPMN - 将 BPMN 与信息保障和安全领域结合起来
  • DOI:
    10.1007/978-3-642-33155-8_9
  • 发表时间:
    2012
  • 期刊:
  • 影响因子:
    0
  • 作者:
    Yulia Cherdantseva;Jeremy Hilton;O. Rana
  • 通讯作者:
    O. Rana
Leveraging Gamification and Game-based Learning in Cybersecurity Education
在网络安全教育中利用游戏化和基于游戏的学习
Information Security and Information Assurance: Discussion about the Meaning, Scope, and Goals
信息安全与信息保障:含义、范围和目标的讨论
  • DOI:
    10.4018/978-1-4666-4526-4.ch010
  • 发表时间:
    2014
  • 期刊:
  • 影响因子:
    7.3
  • 作者:
    Yulia Cherdantseva;Jeremy Hilton
  • 通讯作者:
    Jeremy Hilton

Yulia Cherdantseva的其他文献

{{ item.title }}
{{ item.translation_title }}
  • DOI:
    {{ item.doi }}
  • 发表时间:
    {{ item.publish_year }}
  • 期刊:
  • 影响因子:
    {{ item.factor }}
  • 作者:
    {{ item.authors }}
  • 通讯作者:
    {{ item.author }}

相似国自然基金

The Heterogenous Impact of Monetary Policy on Firms' Risk and Fundamentals
  • 批准号:
  • 批准年份:
    2024
  • 资助金额:
    万元
  • 项目类别:
    外国学者研究基金项目
基于时间序列间分位相依性(quantile dependence)的风险值(Value-at-Risk)预测模型研究
  • 批准号:
    71903144
  • 批准年份:
    2019
  • 资助金额:
    17.0 万元
  • 项目类别:
    青年科学基金项目
RISK通路在胃泌素介导的心脏缺血再灌注损伤保护中的作用研究
  • 批准号:
    81800239
  • 批准年份:
    2018
  • 资助金额:
    21.0 万元
  • 项目类别:
    青年科学基金项目
异氟烷基于TLR4/RISK/NF-κB调控糖尿病缺血性脑卒中后NLRP3炎症小体形成的机制研究
  • 批准号:
    81771232
  • 批准年份:
    2017
  • 资助金额:
    54.0 万元
  • 项目类别:
    面上项目
Notch1与RISK/SAFE/HIF-1α信号通路整合在I-postC保护中的作用及其机制
  • 批准号:
    81260024
  • 批准年份:
    2012
  • 资助金额:
    50.0 万元
  • 项目类别:
    地区科学基金项目

相似海外基金

MEtaGenome-informed Antimicrobial resistance Surveillance: Harnessing long-read sequencing for an analytical, indicator and risk assessment framework
基于 MEtaGenome 的抗菌药物耐药性监测:利用长读长测序构建分析、指标和风险评估框架
  • 批准号:
    MR/Y034457/1
  • 财政年份:
    2024
  • 资助金额:
    $ 64.11万
  • 项目类别:
    Research Grant
MEDiate: Multi-hazard and risk informed system for Enhanced local and regional Disaster risk management
MEDiate:加强地方和区域灾害风险管理的多灾种和风险告知系统
  • 批准号:
    10049469
  • 财政年份:
    2022
  • 资助金额:
    $ 64.11万
  • 项目类别:
    EU-Funded
Safety Assessment and Risk-informed Design of Networked Control Systems
网络控制系统的安全评估和风险告知设计
  • 批准号:
    327716-2013
  • 财政年份:
    2022
  • 资助金额:
    $ 64.11万
  • 项目类别:
    Discovery Grants Program - Individual
A digital mindfulness-informed parenting intervention for high-risk divorced families
针对高风险离婚家庭的数字化正念教育育儿干预
  • 批准号:
    10614556
  • 财政年份:
    2022
  • 资助金额:
    $ 64.11万
  • 项目类别:
MEDiate - Multi-hazard and Risk-informed System for Enhanced Local and Regional Disaster Risk Management
MEDiate - 用于加强地方和区域灾害风险管理的多灾种和风险告知系统
  • 批准号:
    10051982
  • 财政年份:
    2022
  • 资助金额:
    $ 64.11万
  • 项目类别:
    EU-Funded
MEDiate Multi-hazard and risk informed system for enhanced local and regional disaster risk management
MEDiate 多灾害和风险通报系统,用于加强地方和区域灾害风险管理
  • 批准号:
    10050689
  • 财政年份:
    2022
  • 资助金额:
    $ 64.11万
  • 项目类别:
    EU-Funded
Salpingectomy for Ovarian Cancer Risk Reduction: Improving Utilization and Informed Decision-Making
输卵管切除术降低卵巢癌风险:提高利用率和知情决策
  • 批准号:
    10708064
  • 财政年份:
    2022
  • 资助金额:
    $ 64.11万
  • 项目类别:
Spatially informed interrogation of the high-risk breast for breast cancer prevention
对高风险乳房进行空间知情询问以预防乳腺癌
  • 批准号:
    473970
  • 财政年份:
    2022
  • 资助金额:
    $ 64.11万
  • 项目类别:
    Fellowship Programs
Multi-hazard and risk informed system for Enhanced local and regional Disaster risk management
加强地方和区域灾害风险管理的多灾种和风险通报系统
  • 批准号:
    10049641
  • 财政年份:
    2022
  • 资助金额:
    $ 64.11万
  • 项目类别:
    EU-Funded
A digital mindfulness-informed parenting intervention for high-risk divorced families
针对高风险离婚家庭的数字化正念教育育儿干预
  • 批准号:
    10449582
  • 财政年份:
    2022
  • 资助金额:
    $ 64.11万
  • 项目类别:
{{ showInfoDetail.title }}

作者:{{ showInfoDetail.author }}

知道了