From Enterprise Architecture to Cyber Security Risk Assessment
Margaret Ford, Consult Hyperion, UK; and Henk Jonkers, BiZZdesign, Netherlands
Cyber security risk assessment is often a manual process, relying on brainstorm sessions to identify possible attacks. Attack opportunities are identified and prevented only if people can envisage them. In today's dynamic attack landscape this process is too slow, and the space of multi-step attacks is larger than people can enumerate by hand. Emerging security risks and multi-step attacks demand tool support to predict, prioritise and prevent complex attacks systematically. It seems natural to use existing models of organisations, such as enterprise architectures, as a basis for automating part of this process.
In the TREsPASS project (EU 7th Framework Programme), attack navigators are being developed to analyse and visualise information security risks in dynamic organisations, together with possible countermeasures. To this end, the project combines knowledge from the technical sciences (how vulnerable protocols and software are), the social sciences (how likely people are to succumb to social engineering), and state-of-the-art industry processes and tools. The project leverages organisational models, the ArchiMate enterprise architecture modelling language and the Open Group Risk Taxonomy standard (based on FAIR) to help organisations prioritise risks and countermeasures.
In this presentation, the fundamental concepts of the project will be outlined, as well as the connections with ArchiMate and the Risk Taxonomy standard. This provides valuable input for future developments and extensions of the relevant standards.
-- Complex cyber security risks require systematic, model-based risk assessment
-- Attack navigators can provide this by linking ArchiMate to the Risk Taxonomy
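To make the linkage between the two standards concrete, here is an added Python sketch (not code from TREsPASS, BiZZdesign or the presenters): it enumerates multi-step attack paths over a small ArchiMate-like dependency graph, scores each path with Open Group Risk Taxonomy factors (loss event frequency = threat event frequency x vulnerability; risk = loss event frequency x loss magnitude), and ranks candidate countermeasures by how much annualised loss each removes. Every element name, relation, probability, frequency and loss figure is constructed for the illustration.

```python
# Added illustration, not code from TREsPASS, BiZZdesign or Consult Hyperion.
# It scores multi-step attack paths over a small ArchiMate-like dependency
# graph with Open Group Risk Taxonomy (FAIR) factors. Element names, relations,
# probabilities, frequencies and loss figures are all constructed.
from math import prod

# Constructed model: element -> elements reachable from it. Each edge stands
# for an ArchiMate serving/access relation an attacker could traverse.
MODEL = {
    "Internet": ["Web Portal", "Help Desk"],
    "Web Portal": ["App Server"],
    "Help Desk": ["Office LAN"],
    "Office LAN": ["App Server"],
    "App Server": ["Customer DB"],
}

# Per-step vulnerability in the Risk Taxonomy sense: probability that a threat
# event at this step succeeds. Technical steps would come from software and
# protocol weakness estimates, social steps from social-engineering
# susceptibility. Constructed values.
STEP_VULN = {
    ("Internet", "Web Portal"): 0.3,     # exploit the public web application
    ("Internet", "Help Desk"): 0.6,      # phone pretexting of help-desk staff
    ("Web Portal", "App Server"): 0.4,
    ("Help Desk", "Office LAN"): 0.5,    # obtain VPN credentials
    ("Office LAN", "App Server"): 0.7,
    ("App Server", "Customer DB"): 0.8,
}

TEF = {"Internet": 20.0}            # threat event frequency per year at the entry point
LOSS = {"Customer DB": 500_000.0}   # loss magnitude per loss event (constructed, EUR)

# Candidate countermeasures: the step each one hardens and its new vulnerability.
COUNTERMEASURES = {
    "Patch web portal": (("Internet", "Web Portal"), 0.1),
    "MFA on VPN": (("Help Desk", "Office LAN"), 0.1),
    "Harden DB access": (("App Server", "Customer DB"), 0.2),
}


def attack_paths(model, start, target, path=()):
    """Enumerate simple paths from start to target by depth-first search."""
    path = path + (start,)
    if start == target:
        return [list(path)]
    paths = []
    for nxt in model.get(start, []):
        if nxt not in path:          # no revisits, so the search terminates
            paths.extend(attack_paths(model, nxt, target, path))
    return paths


def path_vulnerability(path, vuln):
    """Probability that every step of the path succeeds (steps assumed independent)."""
    return prod(vuln[(a, b)] for a, b in zip(path, path[1:]))


def annualised_loss(path, vuln, tef=TEF, loss=LOSS):
    """Risk Taxonomy: loss event frequency = TEF x vulnerability; risk = LEF x loss magnitude."""
    lef = tef[path[0]] * path_vulnerability(path, vuln)
    return lef * loss[path[-1]]


def rank_paths(vuln=STEP_VULN, model=MODEL, start="Internet", target="Customer DB"):
    """Attack paths ordered by annualised loss, highest first."""
    scored = [(annualised_loss(p, vuln), p) for p in attack_paths(model, start, target)]
    return sorted(scored, key=lambda s: s[0], reverse=True)


def total_risk(vuln=STEP_VULN):
    """Annualised loss summed over all enumerated paths."""
    return sum(risk for risk, _ in rank_paths(vuln))


def evaluate_countermeasures(candidates=COUNTERMEASURES, vuln=STEP_VULN):
    """Total annualised loss remaining after applying each candidate on its own."""
    remaining = {}
    for name, (step, new_vuln) in candidates.items():
        patched = dict(vuln)
        patched[step] = new_vuln
        remaining[name] = total_risk(patched)
    return remaining


if __name__ == "__main__":
    for risk, path in rank_paths():
        print(f"{risk:>12,.0f}  {' -> '.join(path)}")
    print(f"total {total_risk():,.0f}")
    for name, left in sorted(evaluate_countermeasures().items(), key=lambda kv: kv[1]):
        print(f"{name:<18} leaves {left:,.0f}")
```

Running it shows the social-engineering route through the help desk outranking the web exploit, and that hardening database access removes the most annualised loss even though it is not the weakest single step, because that step sits on every path. That is the kind of prioritisation the abstract describes; the point estimates here stand in for the calibrated ranges FAIR practitioners would use, and the hand-written graph stands in for an architecture repository.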
Margaret Ford has extensive experience in the design, delivery and management of enterprise-scale network security systems, with a special interest in identity and privacy. Margaret has worked extensively in the public sector and for pharmaceutical companies, major financial institutions and corporate clients. She has contributed to various research reports on state-of-the-art electronic identity for the European Commission and is currently working on TREsPASS, a large-scale EU-funded risk management research project.
Henk Jonkers is a senior research consultant, involved in BiZZdesign's innovations in the areas of enterprise architecture and engineering. He participates in multi-party research projects, contributes to training courses, and performs consultancy assignments. Previously, as a member of scientific staff at an applied IT research institute, he was involved in research projects on business process modelling and analysis, enterprise architecture, service-oriented architecture, and model-driven development. He was one of the main developers of the ArchiMate language and an author of the ArchiMate 1.0 and 2.0 Specifications, and is actively involved in the activities of the ArchiMate Forum of The Open Group.