Cybersecurity situational awareness taxonomy

Antti Evesti; Teemu Kanstrén; Tapio Frantti

doi:10.1109/CyberSA.2017.8073386

Cybersecurity situational awareness taxonomy

Antti Evesti, Teemu Kanstrén, Tapio Frantti

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

15 Citations (Scopus)

Abstract

Ensuring cost-efficient cybersecurity for a networked system is a challenging task. In this task, cybersecurity situational awareness is a cornerstone to ensure that systems are protected in a meaningful way. However, cybersecurity situational awareness can be built in various ways. Firstly, several monitoring and analysing techniques can be applied, and secondly, a time window for the usage of situational awareness varies from short-term operational to long-term strategic decision making. Understanding differences and purposes of these aspects is an essential part to research and develop cybersecurity situational awareness. In this paper, we build a taxonomy of cybersecurity situational awareness. The taxonomy categorises terminology, makes it possible to recognise missing areas, and to understand the area in a uniform way. Moreover, the taxonomy helps to select the most effective techniques to be used in a specific situation awareness implementation.

Original language	English
Title of host publication	2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment, Cyber SA 2017
Publisher	IEEE Institute of Electrical and Electronic Engineers
Number of pages	8
ISBN (Electronic)	978-1-5090-5060-4
ISBN (Print)	978-1-5090-5061-1
DOIs	https://doi.org/10.1109/CyberSA.2017.8073386
Publication status	Published - 18 Oct 2017
MoE publication type	A4 Article in a conference publication
Event	International Conference on Cyber Situational Awareness, Data Analytics and Assessment, Cyber SA 2017 - London, United Kingdom Duration: 19 Jun 2017 → 20 Jun 2017

Conference

Conference	International Conference on Cyber Situational Awareness, Data Analytics and Assessment, Cyber SA 2017
Abbreviated title	Cyber SA 2017
Country/Territory	United Kingdom
City	London
Period	19/06/17 → 20/06/17

Keywords

taxonomy
security
monitoring
decision making
analytics
risk analysis

Access to Document

10.1109/CyberSA.2017.8073386

Cite this

@inproceedings{24847184eb674acca0f2417a85992446,

title = "Cybersecurity situational awareness taxonomy",

abstract = "Ensuring cost-efficient cybersecurity for a networked system is a challenging task. In this task, cybersecurity situational awareness is a cornerstone to ensure that systems are protected in a meaningful way. However, cybersecurity situational awareness can be built in various ways. Firstly, several monitoring and analysing techniques can be applied, and secondly, a time window for the usage of situational awareness varies from short-term operational to long-term strategic decision making. Understanding differences and purposes of these aspects is an essential part to research and develop cybersecurity situational awareness. In this paper, we build a taxonomy of cybersecurity situational awareness. The taxonomy categorises terminology, makes it possible to recognise missing areas, and to understand the area in a uniform way. Moreover, the taxonomy helps to select the most effective techniques to be used in a specific situation awareness implementation.",

keywords = "taxonomy, security, monitoring, decision making, analytics, risk analysis",

author = "Antti Evesti and Teemu Kanstr{\'e}n and Tapio Frantti",

year = "2017",

month = oct,

day = "18",

doi = "10.1109/CyberSA.2017.8073386",

language = "English",

isbn = "978-1-5090-5061-1",

booktitle = "2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment, Cyber SA 2017",

publisher = "IEEE Institute of Electrical and Electronic Engineers",

address = "United States",

note = "International Conference on Cyber Situational Awareness, Data Analytics and Assessment, Cyber SA 2017, Cyber SA 2017 ; Conference date: 19-06-2017 Through 20-06-2017",

}

Evesti, A, Kanstrén, T & Frantti, T 2017, Cybersecurity situational awareness taxonomy. in 2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment, Cyber SA 2017., 8073386, IEEE Institute of Electrical and Electronic Engineers, International Conference on Cyber Situational Awareness, Data Analytics and Assessment, Cyber SA 2017, London, United Kingdom, 19/06/17. https://doi.org/10.1109/CyberSA.2017.8073386

Cybersecurity situational awareness taxonomy. / Evesti, Antti; Kanstrén, Teemu; Frantti, Tapio.

2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment, Cyber SA 2017. IEEE Institute of Electrical and Electronic Engineers, 2017. 8073386.

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

TY - GEN

T1 - Cybersecurity situational awareness taxonomy

AU - Evesti, Antti

AU - Kanstrén, Teemu

AU - Frantti, Tapio

PY - 2017/10/18

Y1 - 2017/10/18

N2 - Ensuring cost-efficient cybersecurity for a networked system is a challenging task. In this task, cybersecurity situational awareness is a cornerstone to ensure that systems are protected in a meaningful way. However, cybersecurity situational awareness can be built in various ways. Firstly, several monitoring and analysing techniques can be applied, and secondly, a time window for the usage of situational awareness varies from short-term operational to long-term strategic decision making. Understanding differences and purposes of these aspects is an essential part to research and develop cybersecurity situational awareness. In this paper, we build a taxonomy of cybersecurity situational awareness. The taxonomy categorises terminology, makes it possible to recognise missing areas, and to understand the area in a uniform way. Moreover, the taxonomy helps to select the most effective techniques to be used in a specific situation awareness implementation.

AB - Ensuring cost-efficient cybersecurity for a networked system is a challenging task. In this task, cybersecurity situational awareness is a cornerstone to ensure that systems are protected in a meaningful way. However, cybersecurity situational awareness can be built in various ways. Firstly, several monitoring and analysing techniques can be applied, and secondly, a time window for the usage of situational awareness varies from short-term operational to long-term strategic decision making. Understanding differences and purposes of these aspects is an essential part to research and develop cybersecurity situational awareness. In this paper, we build a taxonomy of cybersecurity situational awareness. The taxonomy categorises terminology, makes it possible to recognise missing areas, and to understand the area in a uniform way. Moreover, the taxonomy helps to select the most effective techniques to be used in a specific situation awareness implementation.

KW - taxonomy

KW - security

KW - monitoring

KW - decision making

KW - analytics

KW - risk analysis

UR - http://www.scopus.com/inward/record.url?scp=85039932096&partnerID=8YFLogxK

U2 - 10.1109/CyberSA.2017.8073386

DO - 10.1109/CyberSA.2017.8073386

M3 - Conference article in proceedings

SN - 978-1-5090-5061-1

BT - 2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment, Cyber SA 2017

PB - IEEE Institute of Electrical and Electronic Engineers

T2 - International Conference on Cyber Situational Awareness, Data Analytics and Assessment, Cyber SA 2017

Y2 - 19 June 2017 through 20 June 2017

ER -

Cybersecurity situational awareness taxonomy

Abstract

Conference

Keywords

Access to Document

Other files and links

Fingerprint

SENDATE-PLANETS: Secure Networking for a Data Center Cloud in Europe

Cite this

Cybersecurity situational awareness taxonomy

Abstract

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Projects

SENDATE-PLANETS: Secure Networking for a Data Center Cloud in Europe

Cite this