Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Michael Siegel James Houghton Advancing Cybersecurity Using System Dynamics Simulation Modeling For System Resilience, Patching, and Software Development.

Similar presentations


Presentation on theme: "1 Michael Siegel James Houghton Advancing Cybersecurity Using System Dynamics Simulation Modeling For System Resilience, Patching, and Software Development."— Presentation transcript:

1 1 Michael Siegel James Houghton Advancing Cybersecurity Using System Dynamics Simulation Modeling For System Resilience, Patching, and Software Development Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity (IC) 3 3 Sept 2014

2 Mission: Resiliency of Organizations & Markets  Effective and innovative solutions to cyber insecurity require coordinated efforts to support the resiliency of the cyber organizational “ecosystem”—the individuals, firms, and markets occupying the cyber domain, as well as the interactions among actors  Key questions: Behavioral: What are the attitudes and perceptions of the private sector about cyber security? Managerial: What solutions can feasibly be manipulated by the firm or sector itself, and what can be encouraged or directed by outside actors? Technological: What is effecting product security of key IT components?  Modeling framework to unpack cyber dynamics and provide organizational framework 2

3 Brief Overview of System Dynamics  SDM used as modeling & simulation method over 50 years Eliminate limitations of linear logics and over-simplicity Based on system structure, behavior patterns, interconnections of positive & negative feedback loops  SDM has been applied to numerous domains Software development projects Process Improvement projects Crisis and threat in the world oil market Stability and instability of countries … many many others …  SDM helps to uncover ‘hidden’ dynamics in system Helps understand ‘unfolding’ of situations, Helps anticipate & predict new modes Explore range of unintended consequences 3

4 Mission: Dynamics of Threats and Resilience * Verizon Data Breach Report 67% were aided by significant errors (of the victim) How did breaches (threats) occur? * 64% resulted from hacking 38% utilized Malware Over 80% of the breaches had patches available for more than 1 year How are security and threat processes (resilience) managed? * 75% of cases go undiscovered or uncontained for weeks or months 4

5 Relating Actions to Outcomes Key Question: What is controlling the rates of change and how can we be more anticipatory rather than reactive? 5

6 6 Not Compromised Identified Attack Vectors Compromised Attacker Capabilities Sector Performance Firm Knowledge And Awareness Indentifying Exploits Resources Motivation Skills Awareness Visibility Technical Capabilities Process Architecture Info Sharing Patching Attack Vector Identification Reverse Engineering Firm Performance Vendor Resilience and Responsiveness

7 7 Architecture Resilience Not Compromised Identified Attack Vectors Compromised Attacker Capabilities Sector Performance Firm Knowledge And Awareness System Compromising Firm Performance Establishing Footholds Remediating Compromising Availability Data Security Public Awareness Defensive Procedures

8 Simulation Modeling Overview Software Security Patching Attacking 8

9 Making the Case Week Week Week Not Compromised Attack Vectors Infected Technical Week Week “Upstream Costs”“Downstream Costs” Managers 2,000 1,500 1, Week Total Costs Senior Management (CIO) Blue is base case; red case is patching with configuration standards; green is current case 9

10 Summary of Results  Solving problems “upstream” is more effective than fixing them “downstream.”  Differentials in time delays in physical processes (such as patching) and behavioral processes (such as changing individual behavior) are key to understanding the efficacy of proposed interventions.  Nonlinearities and tipping points may exist due to inertia and path-dependence in systems. 10

11 BACKUP 11

12 Valuing Software Portfolios Using System Dynamics Models  Project value changes over time depending on maintenance At first the value rises as application development takes shape It then adjusts overtime according to the maintenance spend  A project may have a high initial expected value, but maintenance dynamics may erode that value over time The graph shows the value of one application given different maintenance Time Value We plan for the blue case when the red case may be more likely

13 Patching Dynamics 13

14 Downstream Dynamics 14


Download ppt "1 Michael Siegel James Houghton Advancing Cybersecurity Using System Dynamics Simulation Modeling For System Resilience, Patching, and Software Development."

Similar presentations


Ads by Google