Enhanced Model for Efficient Development of Security-Audit Criteria

Abstract:

Cyberattacks have grown in importance to become a matter of national security. A growing number of states and organisations have been developing defensive and offensive capabilities for cyber warfare. Security criteria are important tools for defensive capabilities of critical communications and information systems. This paper enhances an earlier model for efficient development of security-audit criteria. The paper includes a case study that applies the model to existing security criteria. The results indicate that the model is useful for reviewing existing criteria. The results also suggest that the model would be useful for criteria under development.


AUTHORS

Photo of Tomi Kelo

Department of Pervasive Computing Tampere University of Technology
Tampere, Finland

National Cyber Security Centre Finland Finnish Communications Regulatory Authority Helsinki,
Finland

Tomi Kelo is working as a chief specialist at the Finnish National Cyber Security Centre (NCSC-FI), focusing mainly on information assurance matters. As a hobby, he is also preparing his doctoral thesis at the Tampere University of Technology.

Photo of Juhani Eronen

Department of Computer Science and Engineering University of Oulu
Oulu, Finland

National Cyber Security Centre Finland Finnish Communications Regulatory Authority
Helsinki, Finland

Juhani Eronen is a chief specialist at the Finnish National Cyber Security Centre (NCSC-FI). For over 15 years, he has been intimately involved in research, discovery and coordination of security vulnerabilities and in incident response. His responsibilities in NCSC-FI include the automation of the nationwide handling of security incidents as well as information assurance.

Photo of Kimmo Rousku

Population Register Centre
Helsinki, Finland

Kimmo Rousku is working as General Secretary for the Public Sector Digital Security Management Board at the Finnish Population Register Centre. Kimmo met and cleaned his first virus epidemic case 1994 and has since been involved in different parts of digital security. As a hobby, he has authored over 20 books.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Media Parner to JIW.

Media Partner

Keywords

C

C2
C2S
CDX
CIA
CIP
CPS

I

IA
ICS

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

  • Journal of Information Warfare
    114 Ballard Street
    Yorktown, VA
    23690
  • 757.234.6664
  • jiw@gbpts.com