Abstract
This paper presents a practical approach to building situational awareness at a critical infrastructure entity and its implementation in supporting security management. It outlines the main factors for achieving a high level of situational awareness and ensuring the safety and continuity of business objectives. Among other things, situational awareness requires precise identification and understanding of multilateral dependencies of infrastructure, services, and processes executed by the entity and services provided by external businesses, resulting from the strong interrelationship of the critical infrastructure sectors and the sharing of resources. Accordingly, this paper presents a cyberspace modeling methodology that supports an in-depth analysis of the causes and consequences of threat proliferation in a complex infrastructure–business environment and its implementation in a Situational Awareness Management System (SAMS). An emphasis is placed on threat propagation analysis and dynamic risk assessment mechanisms and how they are used to identify and take preemptive actions protecting or limiting the scope of the threats’ propagation. The paper concludes with insights from a pilot implementation of the system prototype and directions for further work.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call