From Situation Awareness to Action: An Information Security Management Toolkit for Socio-technical Security Retrospective and Prospective Analysis

Jean-Louis Huynen; Gabriele Lenzini

doi:10.5220/0006211302130224

From Situation Awareness to Action: An Information Security Management Toolkit for Socio-technical Security Retrospective and Prospective Analysis

Jean-Louis Huynen, Gabriele Lenzini

2017

Abstract

Inspired by the root cause analysis procedures common in safety, we propose a methodology for a prospective and a retrospective analysis of security and a tool that implements it. When applied prospectively, the methodology guides analysts to assess socio-technical vulnerabilities in a system, helping them to evaluate their choices in designing security policies and controls. But the methodology works also retrospectively. It assists analysts in retrieving the causes of an observed socio-technical attack, guiding them to understand where the information security management of the system has failed. The methodology is tuned to find causes that root in the human-related factors that an attacher can exploit to execute its intrusion.

Download

Paper Citation

in Harvard Style

Huynen J. and Lenzini G. (2017). From Situation Awareness to Action: An Information Security Management Toolkit for Socio-technical Security Retrospective and Prospective Analysis . In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-209-7, pages 213-224. DOI: 10.5220/0006211302130224

in Bibtex Style

@conference{icissp17,
author={Jean-Louis Huynen and Gabriele Lenzini},
title={From Situation Awareness to Action: An Information Security Management Toolkit for Socio-technical Security Retrospective and Prospective Analysis},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2017},
pages={213-224},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006211302130224},
isbn={978-989-758-209-7},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - From Situation Awareness to Action: An Information Security Management Toolkit for Socio-technical Security Retrospective and Prospective Analysis
SN - 978-989-758-209-7
AU - Huynen J.
AU - Lenzini G.
PY - 2017
SP - 213
EP - 224
DO - 10.5220/0006211302130224