Abstract
The scale and complexity of cyber threats in digital enterprises hamper operators’ ability to gather, prioritize and rationalize which security controls requirements should be handled first to achieve rapid risk reduction. This paper presents a cyber digital twin, based on attack graph analytics, that automatically gathers and prioritizes security controls requirements at scale over active networks. The first-of-a-kind twin collects information about the computer network, associates it with attack tactics, measures the efficiency of implemented security controls requirements and automatically detects missing security controls. The twin also evaluates a cyber risk value using the attack graph and proposes prioritization of the detected requirements to rapidly reduce risk within existing system constraints. The cyber digital twin simulator offers several new risk reduction methods for automatically selecting security controls requirements. The necessary data for constructing a contextual cyber digital twin is defined, including the relationship between security controls and attack tactics. The paper illustrates the calculations used for ranking security controls’ risk impact, the algorithm for security controls’ requirements prioritization, and finally demonstrates successful results using a field experiment conducted via an active network.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
