• DocumentCode
    1920446
  • Title

    CIAM: A data-driven approach for selecting and prioritizing security controls

  • Author

    Llansó, Thomas

  • Author_Institution
    Johns Hopkins Univ. Appl. Phys. Lab., Laurel, MD, USA
  • fYear
    2012
  • fDate
    19-22 March 2012
  • Firstpage
    1
  • Lastpage
    8
  • Abstract
    This paper describes CIAM, an approach that provides cyber security engineers with an initial prioritization of security controls. The approach incorporates data related to security incidents, vulnerabilities exploited, business impact, and security control costs.
  • Keywords
    security of data; cyber security engineers; security controls; Computer security; Equations; NIST; Process control; Servers; Cyber security Investment; Security Controls; Security Incident data;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Systems Conference (SysCon), 2012 IEEE International
  • Conference_Location
    Vancouver, BC
  • Print_ISBN
    978-1-4673-0748-2
  • Type

    conf

  • DOI
    10.1109/SysCon.2012.6189500
  • Filename
    6189500
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1920446