Abstract
Cyber defense exercises (CDXs) represent an effective way to train cybersecurity experts. However, their development is lengthy and expensive. The reason lies in current practice where the CDX life cycle is not sufficiently mapped and formalized, and then exercises are developed ad-hoc. However, the CDX development shares many aspects with software development, especially with ERP systems. This paper presents a generic CDX development method that has been derived from existing CDX life cycles using the SPEM standard meta-model. The analysis of the method revealed bottlenecks in the CDX development process. Observations made from the analysis and discussed in the paper indicate that the organization of CDXs can be significantly optimized by applying a balanced mixed approach with agile preparation and plan-driven disciplined evaluation.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Information Technologies and Systems Approach
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
