The navigation metaphor in security economics

Wolter Pieters; Jeroen Barendse; Margaret Ford; Claude P.R. Heath; Christian W. Probst; Ruud Verbij

doi:10.1109/MSP.2016.47

The navigation metaphor in security economics

Wolter Pieters, Jeroen Barendse, Margaret Ford, Claude P.R. Heath, Christian W. Probst, Ruud Verbij

Research output: Contribution to journal › Article › Academic › peer-review

4 Citations (Scopus)

7 Downloads (Pure)

Abstract

The navigation metaphor for cybersecurity merges security architecture models and security economics. By identifying the most efficient routes for gaining access to assets from an attacker's viewpoint, an organization can optimize its defenses along these routes. The well-understood concept of navigation makes it easier to motivate and explain security investment to a wide audience, encouraging strategic security decisions.

Original language	English
Pages (from-to)	14-21
Number of pages	8
Journal	IEEE security & privacy
Volume	14
Issue number	3
DOIs	https://doi.org/10.1109/MSP.2016.47
Publication status	Published - 25 May 2016

Keywords

Cyber attacks
Attacker Profile
Attack Navigator
Security model
Navigation
Internet/Web technologies
Hackers
Visualization
E-commerce
Security
Security Economics
EC Grant Agreement nr.: FP7/2007-2013
EC Grant Agreement nr.: FP7/318003
n/a OA procedure

Access to Document

10.1109/MSP.2016.47

Cite this

@article{30a098e6dcb34adc83d37f203be893ad,

title = "The navigation metaphor in security economics",

abstract = "The navigation metaphor for cybersecurity merges security architecture models and security economics. By identifying the most efficient routes for gaining access to assets from an attacker's viewpoint, an organization can optimize its defenses along these routes. The well-understood concept of navigation makes it easier to motivate and explain security investment to a wide audience, encouraging strategic security decisions.",

keywords = "Cyber attacks, Attacker Profile, Attack Navigator, Security model, Navigation, Internet/Web technologies, Hackers, Visualization, E-commerce, Security, Security Economics, EC Grant Agreement nr.: FP7/2007-2013, EC Grant Agreement nr.: FP7/318003, n/a OA procedure",

author = "Wolter Pieters and Jeroen Barendse and Margaret Ford and Heath, {Claude P.R.} and Probst, {Christian W.} and Ruud Verbij",

year = "2016",

month = may,

day = "25",

doi = "10.1109/MSP.2016.47",

language = "English",

volume = "14",

pages = "14--21",

journal = "IEEE security & privacy",

issn = "1540-7993",

publisher = "IEEE",

number = "3",

}

TY - JOUR

T1 - The navigation metaphor in security economics

AU - Pieters, Wolter

AU - Barendse, Jeroen

AU - Ford, Margaret

AU - Heath, Claude P.R.

AU - Probst, Christian W.

AU - Verbij, Ruud

PY - 2016/5/25

Y1 - 2016/5/25

N2 - The navigation metaphor for cybersecurity merges security architecture models and security economics. By identifying the most efficient routes for gaining access to assets from an attacker's viewpoint, an organization can optimize its defenses along these routes. The well-understood concept of navigation makes it easier to motivate and explain security investment to a wide audience, encouraging strategic security decisions.

AB - The navigation metaphor for cybersecurity merges security architecture models and security economics. By identifying the most efficient routes for gaining access to assets from an attacker's viewpoint, an organization can optimize its defenses along these routes. The well-understood concept of navigation makes it easier to motivate and explain security investment to a wide audience, encouraging strategic security decisions.

KW - Cyber attacks

KW - Attacker Profile

KW - Attack Navigator

KW - Security model

KW - Navigation

KW - Internet/Web technologies

KW - Hackers

KW - Visualization

KW - E-commerce

KW - Security

KW - Security Economics

KW - EC Grant Agreement nr.: FP7/2007-2013

KW - EC Grant Agreement nr.: FP7/318003

KW - n/a OA procedure

U2 - 10.1109/MSP.2016.47

DO - 10.1109/MSP.2016.47

M3 - Article

SN - 1540-7993

VL - 14

SP - 14

EP - 21

JO - IEEE security & privacy

JF - IEEE security & privacy

IS - 3

ER -

The navigation metaphor in security economics

Abstract

Keywords

Access to Document

Fingerprint

Cite this