TREsPASS Book 1: Picturing Risk

Lizzie Coles-Kemp, Peter Hall (Editor)

    Research output: Book/Report › Book › Academic


    Abstract

    Information security threats to organisations have changed immensely over the last decade, due to the complexity and dynamic nature of infrastructure and attacks. Successful attacks cost society billions a year, impacting vital services and the economy. Examples include StuxNet, in which infected USB sticks were used to sabotage nuclear plants, and the DigiNotar attack, in which fake digital certificates were used to spy on website traffic. New attacks cleverly exploit multiple organisational vulnerabilities, involving physical security and human behaviour. Defenders need to make rapid decisions regarding which attacks to block, as both infrastructure and attacker knowledge change rapidly. Current risk management methods provide descriptive tools for assessing threats by systematic brainstorming. Attack opportunities will be identified and prevented only if people can envisage them. In today’s dynamic attack landscape, this process is too slow and exceeds the limits of human imaginative capability. Emerging security risks demand tool support to predict, prioritise, and prevent complex attacks systematically. The TREsPASS project has developed methods and tools to analyse and visualise information security risks in dynamic organisations, as well as possible countermeasures. An Attack Navigator has been built to help security practitioners model which attack opportunities are possible and most pressing, and which countermeasures are most effective. To this end, the project combines knowledge from technical sciences (to identify the vulnerabilities of technological networks), social sciences (to identify the vulnerabilities of social networks), and state-of-the-art industry processes and tools, such as The Open Group’s ArchiMate modelling language. The TREsPASS project included a work stream to explore the visualisation of cyber security risk.

    The goal of this work stream was to extend the state of the art in cyber security risk tools by developing visualisations that combine information visualisations with techniques from critical cartography and digital humanities to articulate different socio-technical dimensions of risk and provide tools through which to explore these dimensions. This work stream produced three types of visualisation:

    • Artistic visualisations, which articulate the cultural dimensions to security risks;
    • Journalistic visualisations, which articulate the relationships between risks and the data flows within an organisation and the workings of the risk model; and
    • Scientific visualisations, which contribute to the quantification of the qualitative risk data, articulate the attack and defence interaction (for which attack-defence trees are our start point) and enable the user to calculate risk from different perspectives and perform root cause analysis on risks to complex information flows.

    This book presents an overview of the outputs of this work stream.

    Original language: English
    Place of Publication: University of London
    Publisher: Royal Holloway
    Number of pages: 18
    ISBN (Print): 978-1-905846-74-0
    Publication status: Published - Nov 2016

    Publication series

    Name
    Publisher: Royal Holloway

    Fingerprint

    Visualization
    Security of data
    Data visualization
    Social sciences
    Risk management
    Websites
    Costs
    Industry

    Keywords

    • IR-101977
    • EWI-27388
    • METIS-318580
    • EC Grant Agreement nr.: FP7/318003
    • EC Grant Agreement nr.: FP7/2007-2013

    Cite this

    Coles-Kemp, L., & Hall, P. (Ed.) (2016). TREsPASS Book 1: Picturing Risk. University of London: Royal Holloway.