Decisions Disruptions 2: Decide Harder

by   Benjamin Shreeve, et al.

Cyber incident response is critical to business continuity – we describe a new exercise that challenges professionals to play the role of Chief Information Security Officer (CISO) for a major financial organisation. Teams must decide how organisational team and budget resources should be deployed across Enterprise Architecture (EA) upgrades and cyber incidents. Every choice made has an impact – some prevent whilst others may trigger new or continue current attacks. We explain how the underlying platform supports these interactions through a reactionary event mechanism that introduces events based on the current attack surface of the organisation. We explore how our platform manages to introduce randomness on top of triggered events to ensure that the exercise is not deterministic and better matches incidents in the real world. We conclude by describing next steps for the exercise and how we plan to use it in the future to better understand risk decision making.


It's more than just money: The real-world harms from ransomware attacks

As cyber-attacks continue to increase in frequency and sophistication, o...

The best laid plans or lack thereof: Security decision-making of different stakeholder groups

Cyber security requirements are influenced by the priorities and decisio...

An n-sided polygonal model to calculate the impact of cyber security events

This paper presents a model to represent graphically the impact of cyber...

Argumentation-based Security for Social Good

The increase of connectivity and the impact it has in every day life is ...

Optimism brings accurate perception in Iterated Prisoner's Dilemma

We analyze an extended model of the Iterated Prisoner's Dilemma where ag...

Towards Understanding the Impact of Crime in a Choice of a Route by a Bus Passenger

In this paper we describe a simulation platform that supports studies on...

Please sign up or login with your details

Forgot password? Click here to reset