Enhanced Model for Efficient Development of Security-Audit Criteria
Abstract:
Cyberattacks have grown in importance to become a matter of national security. A growing number of states and organisations have been developing defensive and offensive capabilities for cyber warfare. Security criteria are important tools for defensive capabilities of critical communications and information systems. This paper enhances an earlier model for efficient development of security-audit criteria. The paper includes a case study that applies the model to existing security criteria. The results indicate that the model is useful for reviewing existing criteria. The results also suggest that the model would be useful for criteria under development.
AUTHORS
Faculty of Information and Communication Sciences Tampere University
Tampere, Finland
National Cyber Security Centre Finland
Finnish Transport and Communications Agency
Helsinki, Finland
Tomi Kelo is working as a Chief Specialist at the Finnish National Cyber Security Centre (NCSC-FI), focusing mainly on information assurance and cybersecurity matters. As a hobby, he is also preparing his doctoral thesis at the Tampere University
Department of Computer Science and Engineering University of Oulu
Oulu, Finland
National Cyber Security Centre Finland Finnish Communications Regulatory Authority
Helsinki, Finland
Juhani Eronen is a Chief Specialist at the Finnish National Cyber Security Centre (NCSC-FI). For over 25 years he has been intimately involved in research, discovery, and coordination of security vulnerabilities and in incident response. His responsibilities in NCSC-FI include the automation of the nationwide handling of security incidents as well as information assurance.
Population Register Centre
Helsinki, Finland
Kimmo Rousku is working as General Secretary for the Public Sector Digital Security Management Board at the Finnish Population Register Centre. Kimmo met and cleaned his first virus epidemic case 1994 and has since been involved in different parts of digital security. As a hobby, he has authored over 20 books.
Published In
Journal of Information Warfare
The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
Quick Links
Archive