From Situation Awareness to Action: An Information Security Management Toolkit for Socio-Technical Security Retrospective and Prospective Analysis

Interdisciplinary Research Group in Socio-technical Cybersecurity

From Situation Awareness to Action: An Information Security Management Toolkit for Socio-Technical Security Retrospective and Prospective Analysis

Huynen Jean-Louis, Lenzini Gabriele
Abstract:
Inspired by the root cause analysis procedures common in safety, we propose a methodology for a prospective and a retrospective analysis of security and a tool that implements it. When applied prospectively, the methodology guides analysts to assess socio-technical vulnerabilities in a system, helping them to evaluate their choices in designing security policies and controls. But the methodology works also retrospectively. It assists analysts in retrieving the causes of an observed socio-technical attack, guiding them to understand where the information security management of the system has failed. The methodology is tuned to find causes that root in the human-related factors that an attacher can exploit to execute its intrusion.
Authors:
Huynen Jean-Louis, Lenzini Gabriele
Publication date:
2017
Published in:
Proceedings of the 3rd International Conference on Information Systems Security and Privacy (2017)
Reference:
Huynen, J. L., & Lenzini, G. (2017). From situation awareness to action: an information security management toolkit for socio-technical security retrospective and prospective analysis. In Proceedings of the 3rd International Conference on Information Systems Security and Privacy.

Get in touch with us

SnT – Interdisciplinary Centre for Security, Reliability and Trust
Maison du Nombre, 6, avenue de la Fonte L-4364 Esch-sur-Alzette
info-irisc-lab@uni.lu