The Navigation Metaphor in Security Economics

TitleThe Navigation Metaphor in Security Economics
Publication TypeJournal Article
Year of Publication2016
AuthorsPieters W., Barendse J., Ford M., Heath C.PR, Probst C.W, Verbij R.
JournalIEEE Security & Privacy
Volume14
Pagination14–21
Date PublishedMay
ISSN1540-7993
Keywordsattack navigators, attacker profiles, cyberattacks, e-commerce, hackers, Internet/Web technologies, navigation, security, security economics, security models, visualization
Abstract

The navigation metaphor for cybersecurity merges security architecture models and security economics. By identifying the most efficient routes for gaining access to assets from an attacker's viewpoint, an organization can optimize its defenses along these routes. The well-understood concept of navigation makes it easier to motivate and explain security investment to a wide audience, encouraging strategic security decisions.

DOI10.1109/MSP.2016.47