Combining cybersecurity and cyber defense to achieve cyber resilience

Galinec, Darko; Steingartner, William

doi:10.1109/informatics.2017.8327227

Cited by 20 publications

(14 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Kibernetička obrana se usredotočuje na sprečavanje, otkrivanje i pružanje brzih odgovora na napade i prijetnje tako da ne dođe do promjena na infrastrukturi ili informacijama. S porastom volumena i složenosti kibernetičkih napada, kibernetička obrana je postala ključna za većinu subjekata kako bi se zaštitile osjetljive informacije i čuvala imovina (Galinec, Steingartner, 2017).…”

Section: Kibernetička Obranaunclassified

“…Prema autorima rada "Combining Cybersecurity and Cyber Defense to Achieve Cyber Resilience" (Galinec, Steingartner, 2017) samo kibernetička sigurnost za smanjivanje rizika više nije dovoljna: postoji potreba za strategijom obrane, prevencijom i odgovorom. Ideja otpornosti, u svom osnovnom obliku, je procjena što će se dogoditi prije, tijekom i nakon što mrežno povezani sustav bude suočen s prijetnjom.…”

Section: Risk/compliance Gap Assessment)unclassified

See 1 more Smart Citation

Uvid u kibernetičku sigurnost i obranu

Galinec

2022

Politehnika (Online)

View full text Add to dashboard Cite

Planiranje kibernetičke sigurnosti unutar složenog sustava i primjena njezinih načela i postupaka ima cilj (eng. end) postići otpornost sustava u kibernetičkom prostoru tj. kibernetičku otpornost (eng. Cyber Resilience). Svrha složenoga sustava je izvršavanje misije (zadaće, poslanja) kao skupa sposobnosti i sklonosti s obzirom na unutarnje i vanjske okolnosti sustava. Za postizanje kibernetičke otpornosti potrebna su organizacijska, ljudska, materijalna (tvarna) i financijska (novčana) sredstva (eng. means) u provedbi mjera, aktivnosti i postupaka za smanjenje razine rezidualnog (preostalog) sigurnosnog rizika. To je onaj dio sigurnosnog rizika kojeg je unutar sustava nužno prihvatiti, budući da u trenutku procjene rizika, s obzirom na unutarnje i vanjske okolnosti kao prilika za razvoj sposobnosti, nije moguće postići njegovo daljnje smanjivanje. Koncepcijskim istraživanjem prikazanim u ovom radu analiziraju se načini (eng. ways) i sredstva (eng. means) za postizanje kibernetičke otpornosti u uvjetima rastućih sigurnosnih rizika današnjice. Cilj ovog istraživanja je stvaranje novoga modela kibernetičke otpornosti, koji obuhvaća kibernetičku i informacijsku sigurnost. Kontekst modela čine neprepoznati sigurnosni rizici u kibernetičkom prostoru, a za oblikovanje modela rabi se metoda koncepcijskog modeliranja. Model podrazumijeva i obuhvaća svjesnost o postojanju nepoznatih ranjivosti sustava i istodobno nepoznatih kibernetičkih ugroza (eng. Cyber Threats) i napada (eng. Cyber Attacks) kao mogućih posljedica postojanja neprepoznatih ranjivosti. Pri tome se, također, uzima u obzir činjenica kako su načini sprječavanja do tada neviđenih ugroza i napada nultog dana (eng. Zero-Day Attacks) u velikom broju poslovnih slučajeva danas nepoznati, jednako kao i načini obrane i možebitni odgovori na iste - nepoznate nepoznanice (eng. Unknown Unknowns). Za sučeljavanje s navedenim izazovima postoji potreba za stvaranjem „znanja o neznanju“ složenog sustava tj. za razvojem kibernetičkih sposobnosti i njihovom ostvarenju, temeljem načela kibernetičke sigurnosti i kibernetičke obrane.

show abstract

Section: Kibernetička Obranaunclassified

Section: Risk/compliance Gap Assessment)unclassified

Uvid u kibernetičku sigurnost i obranu

Galinec

2022

Politehnika (Online)

View full text Add to dashboard Cite

show abstract

“…The approach, however, focuses only to malware software programs as the sources of work disruption. Galinec and Steingartner [21] provide a high-level model describing that cyber resilience encompasses information security coping with safeguarding "known" (availabilityintegrity and confidentiality, "AIC threats") and cybersecurity dealing with complex and "unknown" AIC incidents, for coping with unforeseeable and unpredictable events in inner and outer environment of an organization as a whole. The study concludes by emphasizing the need for elicitation of efficient and effective processes for supporting the resilience model.…”

Section: Modelling and Analysis Framework For Security And Resiliencementioning

confidence: 99%

Cyber Security Resilience in Business Informatics: An Exploratory Paper

Mouratidis

Zdravković

Stirna

2020

Lecture Notes in Business Information Processing

View full text Add to dashboard Cite

Although considerable effort is made to secure organisational infrastructures and to protect organizational assets, it is widely acknowledged that it is equally important to ensure that organisations need to define appropriate ways to harden their overall resilience including recovery from security incidents. In this exploratory paper we outline research challenges and we present the motivation and the foundations of a novel framework that is based on security resilience and capability modelling theory.

show abstract

“…Providing the required level of cyber resilience of the infocommunication network is a complex technical task [1][2][3][4][5]. The solution to such problems is impossible without the consistent use of all protocols available in modern networks [6,7].…”

Section: Introductionmentioning

confidence: 99%

“…In turn, cyber-resilience is a framework designed to help infocommunication networks withstand different cyber-attacks [1][2][3][4][5]. However, it is not a single layer of protection but an iterative process that provides the means of recovery from attacks and a way for organizations to structure their defense policies.…”

Section: Introductionmentioning

confidence: 99%

Providing cyber resilience in software-defined networks by secure routing means

Chhaytli¹,

Persikov²

2021

ICTEE

View full text Add to dashboard Cite

This paper is devoted to solving the technical task of providing cyber resilience utilizing secure routing means in Software-Defined Networks (SDN). The work analyzes the SDN architecture and its main components, the concept of cyber resilience and its means, as well as security issues in SDN. Particular attention is paid to the use of secure routing in software-defined networks. Numerical research of the model of secure multipath routing of fragmented confidential messages in the SDN data plane was conducted. The calculation of the message compromise probability for different values of links compromise probabilities was performed. The obtained results showed that the model of secure multipath routing of fragmented confidential messages with redundancy provides a better balancing of message parts by routes. Results of the numerical study proved the adequacy of the selected secure multipath routing model.

show abstract

Combining cybersecurity and cyber defense to achieve cyber resilience

Cited by 20 publications

References 1 publication

Uvid u kibernetičku sigurnost i obranu

Uvid u kibernetičku sigurnost i obranu

Cyber Security Resilience in Business Informatics: An Exploratory Paper

Providing cyber resilience in software-defined networks by secure routing means

Contact Info

Product

Resources

About