TREsPASS Book 1: Picturing Risk

Lizzie Coles-Kemp, Peter Hall (Editor)

Research output: Book/Report › Book › Academic


Abstract

Information security threats to organisations have changed immensely over the last decade, due to the complexity and dynamic nature of infrastructure and attacks. Successful attacks cost society billions a year, impacting vital services and the economy. Examples include StuxNet, in which infected USB sticks were used to sabotage nuclear plants, and the DigiNotar attack, in which fake digital certificates were used to spy on website traffic. New attacks cleverly exploit multiple organisational vulnerabilities, involving physical security and human behaviour. Defenders need to make rapid decisions regarding which attacks to block, as both infrastructure and attacker knowledge change rapidly. Current risk management methods provide descriptive tools for assessing threats by systematic brainstorming. Attack opportunities will be identified and prevented only if people can envisage them. In today’s dynamic attack landscape, this process is too slow and exceeds the limits of human imaginative capability. Emerging security risks demand tool support to predict, prioritise, and prevent complex attacks systematically. The TREsPASS project has developed methods and tools to analyse and visualise information security risks in dynamic organisations, as well as possible countermeasures. An Attack Navigator has been built to help security practitioners model which attack opportunities are possible and most pressing, and which countermeasures are most effective. To this end, the project combines knowledge from technical sciences (to identify the vulnerabilities of technological networks), social sciences (to identify the vulnerabilities of social networks), and state-of-the-art industry processes and tools, such as The Open Group’s ArchiMate modelling language. The TREsPASS project included a work stream to explore the visualisation of cyber security risk.

The goal of this work stream was to extend the state of the art in cyber security risk tools by developing visualisations that combine information visualisations with techniques from critical cartography and digital humanities to articulate different socio-technical dimensions of risk and provide tools through which to explore these dimensions. This work stream produced three types of visualisation:

  • Artistic visualisations, which articulate the cultural dimensions to security risks;
  • Journalistic visualisations, which articulate the relationships between risks and the data flows within an organisation and the workings of the risk model; and
  • Scientific visualisations, which contribute to the quantification of the qualitative risk data, articulate the attack and defence interaction (for which attack-defence trees are our starting point) and enable the user to calculate risk from different perspectives and perform root cause analysis on risks to complex information flows.

This book presents an overview of the outputs of this work stream.
Original language: English
Place of Publication: University of London
Publisher: Royal Holloway
Number of pages: 18
ISBN (Print): 978-1-905846-74-0
Publication status: Published - Nov 2016

Publication series

Publisher: Royal Holloway

Fingerprint

Visualization
Security of data
Data visualization
Social sciences
Risk management
Websites
Costs
Industry

Keywords

  • IR-101977
  • EWI-27388
  • METIS-318580
  • EC Grant Agreement nr.: FP7/318003
  • EC Grant Agreement nr.: FP7/2007-2013

Cite this

Coles-Kemp, L., & Hall, P. (Ed.) (2016). TREsPASS Book 1: Picturing Risk. University of London: Royal Holloway.
Coles-Kemp, Lizzie ; Hall, Peter (Editor). / TREsPASS Book 1: Picturing Risk. University of London : Royal Holloway, 2016. 18 p.
@book{2781c2d59da04a239aa4ee3f09410956,
title = "TREsPASS Book 1: Picturing Risk",
abstract = "Information security threats to organisations have changed immensely over the last decade, due to the complexity and dynamic nature of infrastructure and attacks. Successful attacks cost society billions a year, impacting vital services and the economy. Examples include StuxNet, in which infected USB sticks were used to sabotage nuclear plants, and the DigiNotar attack, in which fake digital certificates were used to spy on website traffic. New attacks cleverly exploit multiple organisational vulnerabilities, involving physical security and human behaviour. Defenders need to make rapid decisions regarding which attacks to block, as both infrastructure and attacker knowledge change rapidly. Current risk management methods provide descriptive tools for assessing threats by systematic brainstorming. Attack opportunities will be identified and prevented only if people can envisage them. In today’s dynamic attack landscape, this process is too slow and exceeds the limits of human imaginative capability. Emerging security risks demand tool support to predict, prioritise, and prevent complex attacks systematically. The TREsPASS project has developed methods and tools to analyse and visualise information security risks in dynamic organisations, as well as possible countermeasures. An Attack Navigator has been built to help security practitioners model which attack opportunities are possible and most pressing, and which countermeasures are most effective. To this end, the project combines knowledge from technical sciences (to identify the vulnerabilities of technological networks), social sciences (to identify the vulnerabilities of social networks), and state-of-the-art industry processes and tools, such as The Open Group’s ArchiMate modelling language. The TREsPASS project included a work stream to explore the visualisation of cyber security risk. The goal of this work stream was to extend the state of the art in cyber security risk tools by developing visualisations that combine information visualisations with techniques from critical cartography and digital humanities to articulate different socio-technical dimensions of risk and provide tools through which to explore these dimensions. This work stream produced three types of visualisation: • Artistic visualisations, which articulate the cultural dimensions to security risks; • Journalistic visualisations, which articulate the relationships between risks and the data flows within an organisation and the workings of the risk model; and • Scientific visualisations, which contribute to the quantification of the qualitative risk data, articulate the attack and defence interaction (for which attack-defence trees are our starting point) and enable the user to calculate risk from different perspectives and perform root cause analysis on risks to complex information flows. This book presents an overview of the outputs of this work stream.",
keywords = "IR-101977, EWI-27388, METIS-318580, EC Grant Agreement nr.: FP7/318003, EC Grant Agreement nr.: FP7/2007-2013",
author = "Lizzie Coles-Kemp",
editor = "Peter Hall",
note = "eemcs-eprint-27388",
year = "2016",
month = "11",
language = "English",
isbn = "978-1-905846-74-0",
publisher = "Royal Holloway",

}

Coles-Kemp, L & Hall, P (ed.) 2016, TREsPASS Book 1: Picturing Risk. Royal Holloway, University of London.

TREsPASS Book 1: Picturing Risk. / Coles-Kemp, Lizzie; Hall, Peter (Editor).

University of London : Royal Holloway, 2016. 18 p.

Research output: Book/Report › Book › Academic

TY - BOOK

T1 - TREsPASS Book 1: Picturing Risk

AU - Coles-Kemp, Lizzie

A2 - Hall, Peter

N1 - eemcs-eprint-27388

PY - 2016/11

Y1 - 2016/11

N2 - Information security threats to organisations have changed immensely over the last decade, due to the complexity and dynamic nature of infrastructure and attacks. Successful attacks cost society billions a year, impacting vital services and the economy. Examples include StuxNet, in which infected USB sticks were used to sabotage nuclear plants, and the DigiNotar attack, in which fake digital certificates were used to spy on website traffic. New attacks cleverly exploit multiple organisational vulnerabilities, involving physical security and human behaviour. Defenders need to make rapid decisions regarding which attacks to block, as both infrastructure and attacker knowledge change rapidly. Current risk management methods provide descriptive tools for assessing threats by systematic brainstorming. Attack opportunities will be identified and prevented only if people can envisage them. In today’s dynamic attack landscape, this process is too slow and exceeds the limits of human imaginative capability. Emerging security risks demand tool support to predict, prioritise, and prevent complex attacks systematically. The TREsPASS project has developed methods and tools to analyse and visualise information security risks in dynamic organisations, as well as possible countermeasures. An Attack Navigator has been built to help security practitioners model which attack opportunities are possible and most pressing, and which countermeasures are most effective. To this end, the project combines knowledge from technical sciences (to identify the vulnerabilities of technological networks), social sciences (to identify the vulnerabilities of social networks), and state-of-the-art industry processes and tools, such as The Open Group’s ArchiMate modelling language. The TREsPASS project included a work stream to explore the visualisation of cyber security risk. The goal of this work stream was to extend the state of the art in cyber security risk tools by developing visualisations that combine information visualisations with techniques from critical cartography and digital humanities to articulate different socio-technical dimensions of risk and provide tools through which to explore these dimensions. This work stream produced three types of visualisation: • Artistic visualisations, which articulate the cultural dimensions to security risks; • Journalistic visualisations, which articulate the relationships between risks and the data flows within an organisation and the workings of the risk model; and • Scientific visualisations, which contribute to the quantification of the qualitative risk data, articulate the attack and defence interaction (for which attack-defence trees are our starting point) and enable the user to calculate risk from different perspectives and perform root cause analysis on risks to complex information flows. This book presents an overview of the outputs of this work stream.

AB - Information security threats to organisations have changed immensely over the last decade, due to the complexity and dynamic nature of infrastructure and attacks. Successful attacks cost society billions a year, impacting vital services and the economy. Examples include StuxNet, in which infected USB sticks were used to sabotage nuclear plants, and the DigiNotar attack, in which fake digital certificates were used to spy on website traffic. New attacks cleverly exploit multiple organisational vulnerabilities, involving physical security and human behaviour. Defenders need to make rapid decisions regarding which attacks to block, as both infrastructure and attacker knowledge change rapidly. Current risk management methods provide descriptive tools for assessing threats by systematic brainstorming. Attack opportunities will be identified and prevented only if people can envisage them. In today’s dynamic attack landscape, this process is too slow and exceeds the limits of human imaginative capability. Emerging security risks demand tool support to predict, prioritise, and prevent complex attacks systematically. The TREsPASS project has developed methods and tools to analyse and visualise information security risks in dynamic organisations, as well as possible countermeasures. An Attack Navigator has been built to help security practitioners model which attack opportunities are possible and most pressing, and which countermeasures are most effective. To this end, the project combines knowledge from technical sciences (to identify the vulnerabilities of technological networks), social sciences (to identify the vulnerabilities of social networks), and state-of-the-art industry processes and tools, such as The Open Group’s ArchiMate modelling language. The TREsPASS project included a work stream to explore the visualisation of cyber security risk. The goal of this work stream was to extend the state of the art in cyber security risk tools by developing visualisations that combine information visualisations with techniques from critical cartography and digital humanities to articulate different socio-technical dimensions of risk and provide tools through which to explore these dimensions. This work stream produced three types of visualisation: • Artistic visualisations, which articulate the cultural dimensions to security risks; • Journalistic visualisations, which articulate the relationships between risks and the data flows within an organisation and the workings of the risk model; and • Scientific visualisations, which contribute to the quantification of the qualitative risk data, articulate the attack and defence interaction (for which attack-defence trees are our starting point) and enable the user to calculate risk from different perspectives and perform root cause analysis on risks to complex information flows. This book presents an overview of the outputs of this work stream.

KW - IR-101977

KW - EWI-27388

KW - METIS-318580

KW - EC Grant Agreement nr.: FP7/318003

KW - EC Grant Agreement nr.: FP7/2007-2013

M3 - Book

SN - 978-1-905846-74-0

BT - TREsPASS Book 1: Picturing Risk

PB - Royal Holloway

CY - University of London

ER -

Coles-Kemp L, Hall P, (ed.). TREsPASS Book 1: Picturing Risk. University of London: Royal Holloway, 2016. 18 p.