A Threat-Driven Approach to Cyber Security Methodologies , Practices and Tools to Enable a Functionally Integrated Cyber Security Organization
@inproceedings{Muckin2015ATA, title={A Threat-Driven Approach to Cyber Security Methodologies , Practices and Tools to Enable a Functionally Integrated Cyber Security Organization}, author={Michael Muckin}, year={2015} }
Contemporary cyber security risk management practices are largely driven by compliance requirements, which force organizations to focus on security controls and vulnerabilities. Risk management considers multiple facets – including assets, threats, vulnerabilities and controls – which are jointly evaluated with the variables of probability and impact. Threats cause damage to information systems. Threats utilize vulnerabilities to enact this damage, and security controls are implemented to… Expand
Figures, Tables, and Topics from this paper
16 Citations
The Battle for New York: A Case Study of Applied Digital Threat Modeling at the Enterprise Level
- Computer Science
- USENIX Security Symposium
- 2018
- 13
- PDF
Defendable Architectures Achieving Cyber Security by Designing for Intelligence Driven Defense
- Computer Science
- 2015
- Highly Influenced
- PDF
Applying Indications and Warning Frameworks to Cyber Incidents
- Business, Computer Science
- 2019 11th International Conference on Cyber Conflict (CyCon)
- 2019
- 1
- PDF
A REVIEW OF GAME THEORY APPROACH TO CYBER SECURITY RISK MANAGEMENT
- Engineering
- 2018
- 3
- Highly Influenced
- PDF
Strengthening information technology security through the failure modes and effects analysis approach
- Computer Science
- 2018
- 4
Automating Threat Intelligence for SDL
- Computer Science
- 2018 IEEE Cybersecurity Development (SecDev)
- 2018
- PDF
Applying a Threat Model to Cloud Computing
- Computer Science
- 2018 International Carnahan Conference on Security Technology (ICCST)
- 2018
- Highly Influenced
References
SHOWING 1-10 OF 51 REFERENCES
Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains
- Computer Science
- 2010
- 510
- Highly Influential
- PDF
Security and Privacy Controls for Federal Information Systems and Organizations
- Computer Science
- 2013
- 300
- PDF
Open Web Application Security Project
- Computer Science
- Datenschutz und Datensicherheit - DuD
- 2006
- 170
- PDF
Defendable Architectures
- 2015.
- 2015
STRIDE Chart
- 11 September 2007. [Online]. Available: http://blogs.microsoft.com/cybertrust/2007/09/11/stride-chart/.
- 2007