Expert Judgment Model to Assess Cyber-Attack Scenarios on Enterprise Architectures Open Access
Downloadable ContentDownload PDF
Cyber-attackers exploit people, processes, and technologies to steal high-value organizational data. The corresponding attacks are complex, cost organizations millions of dollars to resolve, and require rapid-response, architecture-based mitigation. Consequently, Cybersecurity strategies that focus only on technical security standards compliance and vulnerability mitigation do not sufficiently protect organizational assets against live, advanced, and persistent threat actors. Enterprise Architecture frameworks are the key Systems Engineering methods used to describe the interactions of people, processes, and technologies within enterprises that have been found to be effective in planning Cybersecurity mitigations. Consequent on a thorough literature review, a follow-on pilot study, and subsequent case study analysis, this research proposes a rapidly deployable model that facilitates expression of cyber-attack scenarios via Enterprise Architecture to develop Enterprise Attack Maps (EAMs). An EAM describes cyber-attack scenarios using architectural language, thereby providing a common taxonomy that can be leveraged across the enterprise for swift architecture-based Cybersecurity decision-making. Evaluations of model conducted, using SME judgment and analysis leveraging two different types of decision-making methods—the Multi-Voting methodology and the multi-criteria decision-making (MCDM) weighted sum model (WSM) technique—demonstrate its efficacy. Further this research demonstrates how an EAM can be used to conduct Information Technology (IT) Portfolio Management. Applying the EAM will inform decision makers on which areas of the enterprise to focus people, processes, and technology to mitigate cyber-attacks.