Review article

https://doi.org/10.36978/cte.6.2.2

Cyber Security and Defense Insights: Designing a Conceptual Model of Cyber Resilience

Darko Galinec (ORCID: orcid.org/0000-0003-4465-6143)


Full text: croatian PDF 1 Kb

page 18-32


Abstract

The planning of cyber security within a complex system, and the application of its principles and procedures, aims to achieve the system's resilience in cyberspace, i.e. Cyber Resilience. The purpose of a complex system is to carry out a mission as a set of abilities and preferences with regard to the internal and external circumstances of the system. Achieving cyber resilience requires organizational, human, material and financial means for implementing measures, activities and procedures that reduce the level of residual (remaining) security risk. This is the part of the security risk that must be accepted within the system, since at the time of risk assessment, with regard to internal and external circumstances as an opportunity to develop capabilities, it is not possible to achieve its further reduction. The conceptual research presented in this paper analyzes the ways and means of achieving cyber resilience under today's growing security risks. The goal of this research is to create a new model of cyber resilience that includes cyber and information security. The context of the model consists of unrecognized security risks in cyberspace, and the conceptual modeling method is used to design the model. The model implies and encompasses awareness of the existence of unknown system vulnerabilities and, at the same time, of unknown cyber threats and attacks as possible consequences of those unrecognized vulnerabilities. It also takes into account the fact that, in a large number of business cases, the methods of preventing unprecedented threats (Zero-Day Attacks) are unknown today, as are the methods of defense and possible responses to them (Unknown Unknowns). To confront these challenges, there is a need to create "knowledge about ignorance" of a complex system, i.e. to develop cyber capabilities and their realization, based on the principles of cyber security and cyber defense.

Keywords

attribution, cyber attack, cyber defense, cyber resilience, cybersecurity, conceptual model

Hrčak ID:

289187

URI

https://hrcak.srce.hr/289187

Publication date:

23.12.2022.
