The navigation metaphor in security economics

Wolter Pieters, Jeroen Barendse, Margaret Ford, Claude P.R. Heath, Christian W. Probst, Ruud Verbij

    Research output: Contribution to journalArticleAcademicpeer-review

    4 Citations (Scopus)

    Abstract

    The navigation metaphor for cybersecurity merges security architecture models and security economics. By identifying the most efficient routes for gaining access to assets from an attacker's viewpoint, an organization can optimize its defenses along these routes. The well-understood concept of navigation makes it easier to motivate and explain security investment to a wide audience, encouraging strategic security decisions.
    Original languageUndefined
    Pages (from-to)14-21
    Number of pages8
    JournalIEEE security & privacy
    Volume14
    Issue number3
    DOIs
    Publication statusPublished - 25 May 2016

    Keywords

    • cyberattacks
    • attacker profiles
    • attack navigators
    • EWI-27181
    • security models
    • Navigation
    • Internet/Web technologies
    • hackers
    • EC Grant Agreement nr.: FP7/318003
    • METIS-318506
    • Visualization
    • IR-101092
    • E-commerce
    • Security
    • Security Economics
    • EC Grant Agreement nr.: FP7/2007-2013

    Cite this

    Pieters, W., Barendse, J., Ford, M., Heath, C. P. R., Probst, C. W., & Verbij, R. (2016). The navigation metaphor in security economics. IEEE security & privacy, 14(3), 14-21. https://doi.org/10.1109/MSP.2016.47