Measuring and Creating Situational Awareness in Cybersecurity: The Requirements Specification for Situational Awareness and Metrics Platform
Salomaa, Jyri (2019)
Salomaa, Jyri
2019
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2019121626988
https://urn.fi/URN:NBN:fi:amk-2019121626988
Tiivistelmä
Cybersecurity and risk management are an inevitable part of organisations decision-making processes. Decisions needs to be made faster and more adjusted to the context. To understand the overall cybersecurity risks in organisation, the threat actors and the relevant information shall be available.
The objective of this master’s thesis was to study the essence of measuring cybersecurity, the key elements and relevance of the cybersecurity related metrics. Additionally, this thesis concentrated on what are the general requirements for cybersecurity metrics platform, how to display the metrics, what are the sources of the metrics to create a holistic cybersecurity posture and situational awareness. The goal of this research was to find and define the relevant requirements for cybersecurity metrics and situational awareness platform.
Action-based qualitative methods were used in this research study. The theoretical part included the introduction of main cybersecurity and measuring concepts. During this phase, the cybersecurity metrics were collected from the theoretical research and publication available from cybersecurity frameworks. As part of the research, a questionnaire was prepared and analysed. Key persons from the target organisation were then interviewed.
The research showed that there appears to be many different definitions related to the term of ‘cybersecurity’. Cybersecurity research, attacks, threats and new technology is constantly evolving. Measuring is important part of the cybersecurity situational awareness and organisation decision making. These processes need continuous improvement. In practice, this means that the cybersecurity metrics must be reviewed and refined periodically as stakeholders has different needs and views for relevant metrics that they would like use.
The objective of this master’s thesis was to study the essence of measuring cybersecurity, the key elements and relevance of the cybersecurity related metrics. Additionally, this thesis concentrated on what are the general requirements for cybersecurity metrics platform, how to display the metrics, what are the sources of the metrics to create a holistic cybersecurity posture and situational awareness. The goal of this research was to find and define the relevant requirements for cybersecurity metrics and situational awareness platform.
Action-based qualitative methods were used in this research study. The theoretical part included the introduction of main cybersecurity and measuring concepts. During this phase, the cybersecurity metrics were collected from the theoretical research and publication available from cybersecurity frameworks. As part of the research, a questionnaire was prepared and analysed. Key persons from the target organisation were then interviewed.
The research showed that there appears to be many different definitions related to the term of ‘cybersecurity’. Cybersecurity research, attacks, threats and new technology is constantly evolving. Measuring is important part of the cybersecurity situational awareness and organisation decision making. These processes need continuous improvement. In practice, this means that the cybersecurity metrics must be reviewed and refined periodically as stakeholders has different needs and views for relevant metrics that they would like use.