The third International Conference on Information Systems Security and Privacy took place between February 19-21, 2017 in Porto (Portugal). Together with Timea Pahi and Florian Skopik, we published a paper on the “Analysis and Assessment of Situational Awareness Models for National Cyber Security Centers”. It is expected to appear soon.
Analysis and Assessment of Situational Awareness Models for National Cyber Security Centers
Abstract: National cyber security centers (NCSCs) are gaining more and more importance to ensure the security and proper operations of critical infrastructures (CIs). As a prerequisite, NCSCs need to collect, analyze, process, assess and share security-relevant information from infrastructure operators. A vital capability of mentioned NCSCs is to establish Cyber Situational Awareness (CSA) as a precondition for understanding the security situation of critical infrastructures. This is important for proper risk assessment and subsequent reduction of potential attack surfaces at national level. In this paper, we therefore survey theoretical models relevant for Situational Awareness (SA) and present a collaborative CSA model for NCSCs in order to enhance the protection of CIs at national level. Additionally, we provide an application scenario to illustrate a hands-on case of utilizing a CSA model in a NCSC, especially focusing on information sharing. We foresee this illustrative scenario to aid decision makers and practitioners who are involved in establishing NCSCs and cyber security processes on national level to better understand the specific implications regarding the application of the CSA model for NCSCs.