demonstration

Visual exploration and analysis of the italian cybersecurity framework

Authors:

Marco Angelini,

Graziano Blasilli,

Simone Lenti,

Giuseppe SantucciAuthors Info & Claims

AVI '18: Proceedings of the 2018 International Conference on Advanced Visual Interfaces

Article No.: 55, Pages 1 - 3

https://doi.org/10.1145/3206505.3206579

Published: 29 May 2018 Publication History

Get Access

Abstract

In the last years, several standards and frameworks have been developed to help organizations to increase the security of their Information Technology (IT) systems. In order to deal with the continuous evolution of the cyber-attacks complexity, such solutions have to cope with an overwhelming set of concepts, and are perceived as complex and hard to implement. The exploration of the cyber-security state of an organization can be made more effective and proficient if supported by the right level of automation. This paper presents the implementation of a visual analytics solution, called CybeR secUrity fraMework BrowSer (CRUMBS) [2], targeted at dealing with the Italian Adaptation of the Cyber Security Framework (IACSF), derived by the National Institute of Standards and Technology (NIST) proposal [1], adaptation that, in its full complexity, presents the security managers with hundreds of scattered concepts, like functions, categories, subcategories, priorities, maturity levels, current and target profiles, and controls, making its adoption a complex activity. The prototype is available at: http://awareserver.dis.uniroma1.it:11768/crumbs/.

References

[1]

2014. Framework for Improving Critical Infrastructure Cybersecurity. National Institute of Standards and Technology. (2014).

Digital Library

Google Scholar

[2]

Marco Angelini, Simone Lenti, and Giuseppe Santucci. 2017. CRUMBS: A cyber security framework browser. In Visualization for Cyber Security (VizSec), 2017 IEEE Symposium on. IEEE, 1--8.

Crossref

Google Scholar

[3]

Marco Angelini and Giuseppe Santucci. 2016. Cyber situational awareness: from geographical alerts to high-level management. Journal of Visualization (2016), 1--7.

Digital Library

Google Scholar

[4]

Zahid Anwar and Roy Campbell. 2008. Automated assessment of compliance with security best practices. In International Conference on Critical Infrastructure Protection. Springer, 173--187.

Google Scholar

[5]

Kemal Hajdarevic, Colin Pattinson, Kemal Kozaric, and Amela Hadzic. 2012. Information security measurement infrastructure for KPI visualization. In MIPRO, Proceedings of the 35th International Convention. IEEE.

Google Scholar

[6]

Matthew Harvey, Daniel Long, and Karl Reinhard. 2014. Visualizing NISTIR 7628, Guidelines for Smart Grid Cyber Security. In Power and Energy Conference at Illinois (PECI), 2014. IEEE, 1--8.

Google Scholar

[7]

Research Center of Cyber Intelligence and Information Security. {n. d.}. A National Cybersecurity Framework, http://www.cybersecurityframework.it/en.

Google Scholar

[8]

Roberta S Russell. 2006. A framework for analyzing ERP security threats. In Proceedings of the Euro-Atlantic Symposium on Critical Information Infrastructure Assurance, March. 23--34.

Google Scholar

Cited By

View all

Damasevicius RToldinas JVenckauskas AGrigaliunas SMorkevicius N(2020)Technical Threat Intelligence Analytics: What and How to Visualize for Analytic Process2020 24th International Conference Electronics10.1109/IEEECONF49502.2020.9141613(1-4)Online publication date: Jun-2020
https://doi.org/10.1109/IEEECONF49502.2020.9141613
Damaševičius RToldinas JVenčkauskas AGrigaliūnas ŠMorkevičius NJukavičius V(2019)Visual Analytics for Cyber Security Domain: State-of-the-Art and ChallengesInformation and Software Technologies10.1007/978-3-030-30275-7_20(256-270)Online publication date: 3-Oct-2019
https://doi.org/10.1007/978-3-030-30275-7_20

Index Terms

Visual exploration and analysis of the italian cybersecurity framework
1. Human-centered computing
  1. Visualization
    1. Visualization application domains
      1. Visual analytics
2. Security and privacy
  1. Human and societal aspects of security and privacy
    1. Usability in security and privacy

Recommendations

Cognitive Risk Framework for Cybersecurity: Bounded Rationality

Cyber risk professionals face a formidable challenge in keeping pace with the asymmetric nature of today’s advanced threats in cyber security. Spending on cyber security has skyrocketed yet the threat continues to grow exponentially. This phenomenon is ...
Cybersecurity: High-impact Strategies - What You Need to Know Definitions, Adoptions, Impact, Benefits, Maturity, Vendors
Cybersecurity vulnerability mitigation framework through empirical paradigm: Enhanced prioritized gap analysis
Abstract
Existing cybersecurity vulnerability assessment tools were designed based on the policies and standards defined by organizations such as the U.S. Department of Energy and the National Institute of Standards and Technology (NIST). ...
Highlights
- Demonstrates the cybersecurity vulnerability mitigation framework (CyFEr).
- ...

Comments

Information & Contributors

Information

Published In

AVI '18: Proceedings of the 2018 International Conference on Advanced Visual Interfaces

May 2018

430 pages

ISBN:9781450356169

DOI:10.1145/3206505

General Chair:
Tiziana Catarci
Sapienza Università di Roma, Italy
,
Program Chairs:
Kent Norman
University of Maryland
,
Massimo Mecella
Sapienza Università di Roma, Italy

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 29 May 2018

Check for updates

Qualifiers

Demonstration

Conference

AVI '18

Sponsor:

AVI '18: 2018 International Conference on Advanced Visual Interfaces

May 29 - June 1, 2018

Grosseto, Castiglione della Pescaia, Italy

Acceptance Rates

AVI '18 Paper Acceptance Rate 19 of 77 submissions, 25%;

Overall Acceptance Rate 128 of 490 submissions, 26%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
120
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)2

Reflects downloads up to 25 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Damasevicius RToldinas JVenckauskas AGrigaliunas SMorkevicius N(2020)Technical Threat Intelligence Analytics: What and How to Visualize for Analytic Process2020 24th International Conference Electronics10.1109/IEEECONF49502.2020.9141613(1-4)Online publication date: Jun-2020
https://doi.org/10.1109/IEEECONF49502.2020.9141613
Damaševičius RToldinas JVenčkauskas AGrigaliūnas ŠMorkevičius NJukavičius V(2019)Visual Analytics for Cyber Security Domain: State-of-the-Art and ChallengesInformation and Software Technologies10.1007/978-3-030-30275-7_20(256-270)Online publication date: 3-Oct-2019
https://doi.org/10.1007/978-3-030-30275-7_20

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Cognitive Risk Framework for Cybersecurity: Bounded Rationality

Cybersecurity: High-impact Strategies - What You Need to Know Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

Cybersecurity vulnerability mitigation framework through empirical paradigm: Enhanced prioritized gap analysis