DocumentCode :
722766
Title :
Visual structures for seeing cyber policy strategies
Author :
Stoll, Jennifer ; Bengez, Rainhard Z.
Author_Institution :
Lehrstuhl fur Philosophie und Wissenschaftstheorie, Tech. Univ. Munchen (TUM), München, Germany
fYear :
2015
fDate :
26-29 May 2015
Firstpage :
135
Lastpage :
152
Abstract :
In the pursuit of cyber security for organizations, there are tens of thousands of tools, guidelines, best practices, forensics, platforms, toolkits, diagnostics, and analytics available. However according to the Verizon 2014 Data Breach Report: “after analysing 10 years of data... organizations cannot keep up with cyber crime-and the bad guys are winning.” Although billions are expended worldwide on cyber security, organizations struggle with complexity, e.g., the NISTIR 7628 guidelines for cyber-physical systems are over 600 pages of text. And there is a lack of information visibility. Organizations must bridge the gap between technical cyber operations and the business/social priorities since both sides are essential for ensuring cyber security. Identifying visual structures for information synthesis could help reduce the complexity while increasing information visibility within organizations. This paper lays the foundation for investigating such visual structures by first identifying where current visual structures are succeeding or failing. To do this, we examined publicly available analyses related to three types of security issues: 1) epidemic, 2) cyber attacks on an industrial network, and 3) threat of terrorist attack. We found that existing visual structures are largely inadequate for reducing complexity and improving information visibility. However, based on our analysis, we identified a range of different visual structures, and their possible trade-offs/limitation is framing strategies for cyber policy. These structures form the basis of evolving visualization to support information synthesis for policy actions, which has rarely been done but is promising based on the efficacy of existing visualizations for cyber incident detection, attacks, and situation awareness.
Keywords :
data visualisation; security of data; terrorism; Verizon 2014 Data Breach Report; cyber attacks; cyber incident detection; cyber policy strategies; cyber security; information synthesis; information visibility; situation awareness; terrorist attack; visual structures; Complexity theory; Computer security; Data visualization; Organizations; Terrorism; Visualization; cyber security policy; human-computer interaction; organizations; visual structures; visualization;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Cyber Conflict: Architectures in Cyberspace (CyCon), 2015 7th International Conference on
Conference_Location :
Tallinn
ISSN :
2325-5366
Print_ISBN :
978-9-9499-5442-1
Type :
conf
DOI :
10.1109/CYCON.2015.7158474
Filename :
7158474
Link To Document :
بازگشت