scholarly journals Assessing MITRE ATT&CK Risk Using a Cyber-Security Culture Framework

Sensors ◽  
2021 ◽  
Vol 21 (9) ◽  
pp. 3267
Author(s):  
Anna Georgiadou ◽  
Spiros Mouzakitis ◽  
Dimitris Askounis
Keyword(s):  
Cyber Security ◽  
Common Knowledge ◽  
Holistic Approach ◽  
Security Assessment ◽  
Current Application ◽  
Industrial Control Systems ◽  
Holistic View ◽  
Security Culture ◽  
Individual Culture ◽  
Systems Model

The MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) Framework provides a rich and actionable repository of adversarial tactics, techniques, and procedures. Its innovative approach has been broadly welcomed by both vendors and enterprise customers in the industry. Its usage extends from adversary emulation, red teaming, behavioral analytics development to a defensive gap and SOC (Security Operations Center) maturity assessment. While extensive research has been done on analyzing specific attacks or specific organizational culture and human behavior factors leading to such attacks, a holistic view on the association of both is currently missing. In this paper, we present our research results on associating a comprehensive set of organizational and individual culture factors (as described on our developed cyber-security culture framework) with security vulnerabilities mapped to specific adversary behavior and patterns utilizing the MITRE ATT&CK framework. Thus, exploiting MITRE ATT&CK’s possibilities towards a scientific direction that has not yet been explored: security assessment and defensive design, a step prior to its current application domain. The suggested cyber-security culture framework was originally designed to aim at critical infrastructures and, more specifically, the energy sector. Organizations of these domains exhibit a co-existence and strong interaction of the IT (Information Technology) and OT (Operational Technology) networks. As a result, we emphasize our scientific effort on the hybrid MITRE ATT&CK for Enterprise and ICS (Industrial Control Systems) model as a broader and more holistic approach. The results of our research can be utilized in an extensive set of applications, including the efficient organization of security procedures as well as enhancing security readiness evaluation results by providing more insights into imminent threats and security risks.

scholarly journals A Review of Cyber Security Assessment (CSA) for Industrial Control Systems (ICS) and Their Impact on The Availability of the ICS Operation

2021 ◽  
Vol 1860 (1) ◽  
pp. 012015
Author(s):  
Nor Afiq Bonandir ◽  
Norziana Jamil ◽  
Md Nabil Ahmad Nawawi ◽  
Razali Jidin ◽  
Mohd Ezanee Rusli ◽  
...  
Keyword(s):  
Control Systems ◽  
Cyber Security ◽  
Security Assessment ◽  
Industrial Control ◽  
Industrial Control Systems

A review of security assessment methodologies in industrial control systems

2019 ◽  
Vol 27 (1) ◽  
pp. 47-61 ◽  
Author(s):  
Qais Saif Qassim ◽  
Norziana Jamil ◽  
Maslina Daud ◽  
Ahmed Patel ◽  
Norhamadi Ja’affar
Keyword(s):  
Control Systems ◽  
Cyber Security ◽  
Electrical Power ◽  
Assessment Method ◽  
Cyber Attacks ◽  
Security Requirements ◽  
Security Assessment ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Content Type

Purpose The common implementation practices of modern industrial control systems (ICS) has left a window wide open to various security vulnerabilities. As the cyber-threat landscape continues to evolve, the ICS and their underlying architecture must be protected to withstand cyber-attacks. This study aims to review several ICS security assessment methodologies to identify an appropriate vulnerability assessment method for the ICS systems that examine both critical physical and cyber systems so as to protect the national critical infrastructure. Design/methodology/approach This paper reviews several ICS security assessment methodologies and explores whether the existing methodologies are indeed sufficient to meet the cyber security assessment exercise required to validate the security of electrical power control systems. Findings The study showed that most of the examined methodologies seem to concentrate on vulnerability identification and prioritisation techniques, whilst other security techniques received noticeably less attention. The study also showed that the least attention is devoted to patch management process due to the critical nature of the SCADA system. Additionally, this review portrayed that only two security assessment methodologies exhibited absolute fulfilment of all NERC-CIP security requirements, whilst the others only partially fulfilled the essential requirements. Originality/value This paper presents a review and a comparative analysis of several standard SCADA security assessment methodologies and guidelines published by internationally recognised bodies. In addition, it explores the adequacy of the existing methodologies in meeting cyber security assessment practices required for electrical power networks.

scholarly journals powerLang: a probabilistic attack simulation language for the power domain

2020 ◽  
Vol 3 (1) ◽  
Author(s):  
Simon Hacks ◽  
Sotirios Katsikeas ◽  
Engla Ling ◽  
Robert Lagerström ◽  
Mathias Ekstedt
Keyword(s):  
Cyber Security ◽  
Cyber Attacks ◽  
Security Assessment ◽  
Cyber Attack ◽  
Industrial Control ◽  
Attack Graphs ◽  
Industrial Control Systems ◽  
Domain Specific ◽  
Simulation Language ◽  
Power Domain

AbstractCyber-attacks these threats, the cyber security assessment of IT and OT infrastructures can foster a higher degree of safety and resilience against cyber-attacks. Therefore, the use of attack simulations based on system architecture models is proposed. To reduce the effort of creating new attack graphs for each system under assessment, domain-specific languages (DSLs) can be employed. DSLs codify the common attack logics of the considered domain.Previously, MAL (the Meta Attack Language) was proposed, which serves as a framework to develop DSLs and generate attack graphs for modeled infrastructures. In this article, powerLang as a MAL-based DSL for modeling IT and OT infrastructures in the power domain is proposed. Further, it allows analyzing weaknesses related to known attacks. To comprise powerLang, two existing MAL-based DSL are combined with a new language focusing on industrial control systems (ICS). Finally, this first version of the language was validated against a known cyber-attack.

scholarly journals Leveraging human factors in cybersecurity: an integrated methodological approach

2021 ◽  
Author(s):  
Alessandro Pollini ◽  
Tiziana C. Callari ◽  
Alessandra Tedeschi ◽  
Daniele Ruscio ◽  
Luca Save ◽  
...  
Keyword(s):  
Human Factors ◽  
Cyber Security ◽  
Quantitative Research ◽  
Methodological Approach ◽  
Quantitative Research Methods ◽  
Security Culture ◽  
Technological Factors ◽  
Qualitative And Quantitative ◽  
The Individual ◽  
Technical Solutions

AbstractComputer and Information Security (CIS) is usually approached adopting a technology-centric viewpoint, where the human components of sociotechnical systems are generally considered as their weakest part, with little consideration for the end users’ cognitive characteristics, needs and motivations. This paper presents a holistic/Human Factors (HF) approach, where the individual, organisational and technological factors are investigated in pilot healthcare organisations to show how HF vulnerabilities may impact on cybersecurity risks. An overview of current challenges in relation to cybersecurity is first provided, followed by the presentation of an integrated top–down and bottom–up methodology using qualitative and quantitative research methods to assess the level of maturity of the pilot organisations with respect to their capability to face and tackle cyber threats and attacks. This approach adopts a user-centred perspective, involving both the organisations’ management and employees, The results show that a better cyber-security culture does not always correspond with more rule compliant behaviour. In addition, conflicts among cybersecurity rules and procedures may trigger human vulnerabilities. In conclusion, the integration of traditional technical solutions with guidelines to enhance CIS systems by leveraging HF in cybersecurity may lead to the adoption of non-technical countermeasures (such as user awareness) for a comprehensive and holistic way to manage cyber security in organisations.

A Systems Approach to Effectiveness in Catholic Elementary Schools: A Replication and Extension

2011 ◽  
Vol 21 (6) ◽  
pp. 789-818 ◽  
Author(s):  
Roxanne M. Mitchell ◽  
C. John Tarter
Keyword(s):  
Student Achievement ◽  
Elementary Schools ◽  
School Performance ◽  
School Effectiveness ◽  
Systems Approach ◽  
Open Systems ◽  
School Outcomes ◽  
Regression Analyses ◽  
Individual Culture ◽  
Systems Model

This study replicated an earlier study conducted by Tarter and Hoy (2004) in which an open systems model was used to test a series of hypotheses that explained elements of school performance. Four internal system elements (structure, individual, culture, and politics) of the school were used to explain two sets of school outcomes (student achievement and teachers’ assessment of overall school effectiveness) in a sample of 110 Catholic elementary schools in one Northeastern city. Correlational and multiple regression analyses were used to test the relationships. The results of this study further confirmed the usefulness of this model in understanding the factors that contribute to quality in elementary schools.

Cyber security in industrial control system

2021 ◽  
pp. 481-493
Author(s):  
Sarika Singh ◽  
Gargi Phadke
Keyword(s):  
Control System ◽  
Control Systems ◽  
Communication Networks ◽  
Cyber Security ◽  
Denial Of Service ◽  
Mitigation Measures ◽  
Security Assessment ◽  
Industrial Control System ◽  
Industrial Control ◽  
Smart Grid Communication

For any system to secure them industrial control system plays an important role in it. It helps to design the isolated procure system, specialized communication mechanisms is used to help for the setup. And with the help of this setup the flexibility, safety, threats, and vulnerabilities are the most important things to make. To secure them from risk assessment and other protection measurement need to specify with good instruments and security. The paper describes technical aspects on Denial of Service (Dos) attack. We also identify how smart grid communication networks works in security technical implementation guides of the different countries as a defense information systems agency. A brief chronicle of cyber storm on ICS; common challenges, some mitigation of those challenge, all levels of the multi-layered ICS architecture. This paper demonstrates railway control systems (RCS) compliance estimation of immovable control system design, operational scenarios that can be used for mitigation measures and security assessment.

Sign in / Sign up

Export Citation Format

Share Document