In the last years, several standards and frameworks have been developed to help organizations to increase the security of their Information Technology (IT) systems. In order to deal with the continuous evolution of the cyberattacks complexity, such solutions have to cope with an overwhelming set of concepts, and are perceived as complex and hard to implement. This paper presents a visual analytics solution targeted at dealing with the Italian Adaptation of the Cyber Security Framework (IACSF), derived by the National Institute of Standards and Technology (NIST) proposal, adaptation that, in its full complexity, presents the security managers with hundreds of scattered concepts, like functions, categories, subcategories, priorities, maturity levels, current and target profiles, and controls, making its adoption a complex activity. The system has been designed together with the security experts of one of the largest Italian public organization and has the goal of providing a continuous overview of the adoption process, providing a prioritizing view that helps in effectively planning the required activities. A prototype is available at: http://awareserver.dis.uniroma1.it:11768/crumbs/
CRUMBS: A cyber security framework browser / Angelini, Marco; Lenti, Simone; Santucci, Giuseppe. - ELETTRONICO. - (2017), pp. 1-8. (Intervento presentato al convegno 14th IEEE Symposium on Visualization for Cyber Security, VizSec 2017 tenutosi a Phoenix; United States) [10.1109/VIZSEC.2017.8062194].
CRUMBS: A cyber security framework browser
Angelini, Marco
;LENTI, SIMONE
;Santucci, Giuseppe
2017
Abstract
In the last years, several standards and frameworks have been developed to help organizations to increase the security of their Information Technology (IT) systems. In order to deal with the continuous evolution of the cyberattacks complexity, such solutions have to cope with an overwhelming set of concepts, and are perceived as complex and hard to implement. This paper presents a visual analytics solution targeted at dealing with the Italian Adaptation of the Cyber Security Framework (IACSF), derived by the National Institute of Standards and Technology (NIST) proposal, adaptation that, in its full complexity, presents the security managers with hundreds of scattered concepts, like functions, categories, subcategories, priorities, maturity levels, current and target profiles, and controls, making its adoption a complex activity. The system has been designed together with the security experts of one of the largest Italian public organization and has the goal of providing a continuous overview of the adoption process, providing a prioritizing view that helps in effectively planning the required activities. A prototype is available at: http://awareserver.dis.uniroma1.it:11768/crumbs/| File | Dimensione | Formato | |
|---|---|---|---|
|
Angelini_CRUMBS_2017.pdf
solo gestori archivio
Tipologia:
Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
1.31 MB
Formato
Adobe PDF
|
1.31 MB | Adobe PDF | Contatta l'autore |
|
Angelini_postprint_CRUMBS_2017.pdf
accesso aperto
Note: https://ieeexplore.ieee.org/document/8062194
Tipologia:
Documento in Post-print (versione successiva alla peer review e accettata per la pubblicazione)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
1.15 MB
Formato
Adobe PDF
|
1.15 MB | Adobe PDF |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
