Corpus ID: 15744381

A Threat-Driven Approach to Cyber Security Methodologies , Practices and Tools to Enable a Functionally Integrated Cyber Security Organization

@inproceedings{Muckin2015ATA,
  title={A Threat-Driven Approach to Cyber Security Methodologies , Practices and Tools to Enable a Functionally Integrated Cyber Security Organization},
  author={Michael Muckin},
  year={2015}
}
  • Michael Muckin
  • Published 2015
  • Computer Science
    • Contemporary cyber security risk management practices are largely driven by compliance requirements, which force organizations to focus on security controls and vulnerabilities. Risk management considers multiple facets – including assets, threats, vulnerabilities and controls – which are jointly evaluated with the variables of probability and impact. Threats cause damage to information systems. Threats utilize vulnerabilities to enact this damage, and security controls are implemented to… CONTINUE READING

    Create an AI-powered research feed to stay up to date with new papers like this posted to ArXiv

    Citations

    Publications citing this paper.
    SHOWING 1-10 OF 11 CITATIONS

    Cyber-Physical Security for Advanced Manufacturing

    VIEW 4 EXCERPTS
    CITES METHODS
    HIGHLY INFLUENCED

    Applying a Threat Model to Cloud Computing

    VIEW 8 EXCERPTS
    CITES METHODS
    HIGHLY INFLUENCED

    Defendable Architectures Achieving Cyber Security by Designing for Intelligence Driven Defense

    VIEW 6 EXCERPTS
    CITES METHODS & BACKGROUND
    HIGHLY INFLUENCED

    A REVIEW OF GAME THEORY APPROACH TO CYBER SECURITY RISK MANAGEMENT

    VIEW 4 EXCERPTS
    CITES BACKGROUND
    HIGHLY INFLUENCED

    Analyzing the Interplay Between Regulatory Compliance and Cybersecurity

    Applying Indications and Warning Frameworks to Cyber Incidents

    Evaluation of Threat Modeling Methodologies

    VIEW 1 EXCERPT

    Automating Threat Intelligence for SDL

    VIEW 1 EXCERPT
    CITES BACKGROUND

    Security Risk Management of E-commerce Systems

    VIEW 1 EXCERPT
    CITES BACKGROUND

    Strengthening information technology security through the failure modes and effects analysis approach

    VIEW 2 EXCERPTS
    CITES BACKGROUND

    References

    Publications referenced by this paper.
    SHOWING 1-10 OF 29 REFERENCES

    Defendable Architectures

    • S. C. Fitch, M. Muckin
    • 2015.
    • 2015
    VIEW 4 EXCERPTS
    HIGHLY INFLUENTIAL

    Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains

    VIEW 5 EXCERPTS
    HIGHLY INFLUENTIAL

    STRIDE Chart

    • A. Shostack
    • 11 September 2007. [Online]. Available: http://blogs.microsoft.com/cybertrust/2007/09/11/stride-chart/.
    • 2007
    VIEW 10 EXCERPTS
    HIGHLY INFLUENTIAL

    National Institute of Standards and Technology (NIST) Cybersecurity Framework In Action

    VIEW 2 EXCERPTS

    Application Security and Development STIG

    • Defense Information Systems Agency DISA
    • 24 October 2014. [Online]. Available: http://iase.disa.mil/stigs/app-security/app-security/Pages/appsecurity.aspx.
    • 2014
    VIEW 2 EXCERPTS

    Exposing the Cyber Cracks: A Global Perspective

    • LLC Ponemon Institute
    • Sponsored by WebSense, 2014.
    • 2014
    VIEW 1 EXCERPT

    Friend of the Devil and the Shostack Code

    • G. Peterson
    • 12 March 2014. [Online]. Available: http://1raindrop.typepad.com/1_raindrop/2014/03/this-is-part-three-on-looking-at-governanceand-compliance-in-the-first-post-we-looked-at-charlie-mungers-comments-on-gove.html.
    • 2014
    VIEW 1 EXCERPT

    Heartbleed

    • Codenomicon
    • April 2014. [Online]. Available: http://heartbleed.com/.
    • 2014
    VIEW 1 EXCERPT

    Security Threat Modeling: Six Steps to Success

    • WebSense
    • 6 March 2014. [Online]. Available: http://community.websense.com/blogs/websense-insights/archive/2014/03/06/security-threatmodeling-six-steps-to-success.aspx.
    • 2014
    VIEW 1 EXCERPT

    Threat Model Tool 2014; Cyber Trust Blog

    • Microsft Corporation
    • [Online]. Available: http://blogs.microsoft.com/cybertrust/2014/04/15/introducing-microsoft-threat-modeling-tool- 2014/.
    • 2014
    VIEW 3 EXCERPTS