Enhanced Model for Efficient Development of Security-Audit Criteria

Abstract:

Cyberattacks have grown in importance to become a matter of national security. A growing number of states and organisations have been developing defensive and offensive capabilities for cyber warfare. Security criteria are important tools for defensive capabilities of critical communications and information systems. This paper enhances an earlier model for efficient development of security-audit criteria. The paper includes a case study that applies the model to existing security criteria. The results indicate that the model is useful for reviewing existing criteria. The results also suggest that the model would be useful for criteria under development.


AUTHORS

Photo of Tomi Kelo

Tomi Kelo

Department of Pervasive Computing
Tampere University of Technology
Tampere, Finland

Tomi Kelo is working as a Chief Specialist at the Finnish National Cyber Security Centre (NCSC-FI), focusing mainly on information assurance and cybersecurity matters. As a hobby, he is also preparing his doctoral thesis at the Tampere University of Technology.

 

Photo of Juhani Eronen

Juhani Eronen

Department of Computer Science and Engineering University of Oulu
Oulu, Finland

National Cyber Security Centre Finland Finnish Communications Regulatory Authority
Helsinki, Finland

Juhani Eronen is a chief specialist at the Finnish National Cyber Security Centre (NCSC-FI). For over 15 years, he has been intimately involved in research, discovery and coordination of security vulnerabilities and in incident response. His responsibilities in NCSC-FI include the automation of the nationwide handling of security incidents as well as information assurance.

Photo of Kimmo Rousku

Kimmo Rousku

Population Register Centre
Helsinki, Finland

Kimmo Rousku is working as General Secretary for the Public Sector Digital Security Management Board at the Finnish Population Register Centre. Kimmo met and cleaned his first virus epidemic case 1994 and has since been involved in different parts of digital security. As a hobby, he has authored over 20 books.


Published In

Volume 17, Issue 3

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Keywords

(

2

3

4

8

9

A
AI
APT

a

B

C
C2
C2S
CDX
CIA
CIP
CPS

D
DNS
DoD
DoS

E

e

F

G

H

I
IA
ICS

i

J

K

L

M

N

O

P

Q

R

S
SOA

T

t

U

V

W

X
XRY

Y

Z

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com