cybersecurity models
cybersecurity frameworks
cyber-attack models or frameworks for organisations
There are a ton of frameworks and models; the model you use really depends on 1) who the model is for (government, individual, country, critical infrastructure stakeholder etc.) 2) the cybersecurity threat you're trying to mitigate (data breach, physical security repercussion, repetitional damage) 3) the actor you're working against (script kiddies-->nation states) 4) the processes you can use to shore up against the threat (harden the target, offense/attack, adapt, improve organizational processes, improve hardware).
Unfortunately, models and frameworks have not been compared in a systematic way, descriptions are vague, and few have been validated empirically.
You might be interested in an article I've written on the impact of a mandatory electric grid cybersecurity framework:
https://onlinelibrary.wiley.com/doi/full/10.1111/rego.12168
Email me if you'd like a copy.
Aaron
- Badges
- Science method
- Similar topics
- Teaching