The navigation metaphor in security economics

Wolter Pieters, Jeroen Barendse, Margaret Ford, Claude P.R. Heath, Christian W. Probst, Ruud Verbij

Research output: Contribution to journalArticleAcademicpeer-review

4 Citations (Scopus)

Abstract

The navigation metaphor for cybersecurity merges security architecture models and security economics. By identifying the most efficient routes for gaining access to assets from an attacker's viewpoint, an organization can optimize its defenses along these routes. The well-understood concept of navigation makes it easier to motivate and explain security investment to a wide audience, encouraging strategic security decisions.
Original languageUndefined
Pages (from-to)14-21
Number of pages8
JournalIEEE security & privacy
Volume14
Issue number3
DOIs
Publication statusPublished - 25 May 2016

Keywords

  • cyberattacks
  • attacker profiles
  • attack navigators
  • EWI-27181
  • security models
  • Navigation
  • Internet/Web technologies
  • hackers
  • EC Grant Agreement nr.: FP7/318003
  • METIS-318506
  • Visualization
  • IR-101092
  • E-commerce
  • Security
  • Security Economics
  • EC Grant Agreement nr.: FP7/2007-2013

Cite this

Pieters, W., Barendse, J., Ford, M., Heath, C. P. R., Probst, C. W., & Verbij, R. (2016). The navigation metaphor in security economics. IEEE security & privacy, 14(3), 14-21. https://doi.org/10.1109/MSP.2016.47
Pieters, Wolter ; Barendse, Jeroen ; Ford, Margaret ; Heath, Claude P.R. ; Probst, Christian W. ; Verbij, Ruud. / The navigation metaphor in security economics. In: IEEE security & privacy. 2016 ; Vol. 14, No. 3. pp. 14-21.
@article{30a098e6dcb34adc83d37f203be893ad,
title = "The navigation metaphor in security economics",
abstract = "The navigation metaphor for cybersecurity merges security architecture models and security economics. By identifying the most efficient routes for gaining access to assets from an attacker's viewpoint, an organization can optimize its defenses along these routes. The well-understood concept of navigation makes it easier to motivate and explain security investment to a wide audience, encouraging strategic security decisions.",
keywords = "cyberattacks, attacker profiles, attack navigators, EWI-27181, security models, Navigation, Internet/Web technologies, hackers, EC Grant Agreement nr.: FP7/318003, METIS-318506, Visualization, IR-101092, E-commerce, Security, Security Economics, EC Grant Agreement nr.: FP7/2007-2013",
author = "Wolter Pieters and Jeroen Barendse and Margaret Ford and Heath, {Claude P.R.} and Probst, {Christian W.} and Ruud Verbij",
note = "eemcs-eprint-27181",
year = "2016",
month = "5",
day = "25",
doi = "10.1109/MSP.2016.47",
language = "Undefined",
volume = "14",
pages = "14--21",
journal = "IEEE security & privacy",
issn = "1540-7993",
publisher = "IEEE",
number = "3",

}

Pieters, W, Barendse, J, Ford, M, Heath, CPR, Probst, CW & Verbij, R 2016, 'The navigation metaphor in security economics' IEEE security & privacy, vol. 14, no. 3, pp. 14-21. https://doi.org/10.1109/MSP.2016.47

The navigation metaphor in security economics. / Pieters, Wolter; Barendse, Jeroen; Ford, Margaret; Heath, Claude P.R.; Probst, Christian W.; Verbij, Ruud.

In: IEEE security & privacy, Vol. 14, No. 3, 25.05.2016, p. 14-21.

Research output: Contribution to journalArticleAcademicpeer-review

TY - JOUR

T1 - The navigation metaphor in security economics

AU - Pieters, Wolter

AU - Barendse, Jeroen

AU - Ford, Margaret

AU - Heath, Claude P.R.

AU - Probst, Christian W.

AU - Verbij, Ruud

N1 - eemcs-eprint-27181

PY - 2016/5/25

Y1 - 2016/5/25

N2 - The navigation metaphor for cybersecurity merges security architecture models and security economics. By identifying the most efficient routes for gaining access to assets from an attacker's viewpoint, an organization can optimize its defenses along these routes. The well-understood concept of navigation makes it easier to motivate and explain security investment to a wide audience, encouraging strategic security decisions.

AB - The navigation metaphor for cybersecurity merges security architecture models and security economics. By identifying the most efficient routes for gaining access to assets from an attacker's viewpoint, an organization can optimize its defenses along these routes. The well-understood concept of navigation makes it easier to motivate and explain security investment to a wide audience, encouraging strategic security decisions.

KW - cyberattacks

KW - attacker profiles

KW - attack navigators

KW - EWI-27181

KW - security models

KW - Navigation

KW - Internet/Web technologies

KW - hackers

KW - EC Grant Agreement nr.: FP7/318003

KW - METIS-318506

KW - Visualization

KW - IR-101092

KW - E-commerce

KW - Security

KW - Security Economics

KW - EC Grant Agreement nr.: FP7/2007-2013

U2 - 10.1109/MSP.2016.47

DO - 10.1109/MSP.2016.47

M3 - Article

VL - 14

SP - 14

EP - 21

JO - IEEE security & privacy

JF - IEEE security & privacy

SN - 1540-7993

IS - 3

ER -

Pieters W, Barendse J, Ford M, Heath CPR, Probst CW, Verbij R. The navigation metaphor in security economics. IEEE security & privacy. 2016 May 25;14(3):14-21. https://doi.org/10.1109/MSP.2016.47