This paper reviews five existing Cyber Situational Awareness (CSA) platforms to identify differentiating characteristics and proposes six criteria for developing a military-grade smart CSA platform. The authors argue that a smart CSA platform is crucial for informed decision-making in cyber defense, enabling improved response times and monitoring the cascading effects of attacks. They validate these criteria by applying them to CRUSOE, an open-source CSA platform, demonstrating its applicability to the military domain after modifications and experimentation.
Military-grade cyber defense demands more than passive monitoring: this paper outlines six key criteria for "smart" Cyber Situational Awareness platforms that enable proactive decision-making and faster response to attacks.
Technological development across multiple sectors and the growing importance of cyber warfare make Cyber Situational Awareness (CSA) a fundamental component of any cyber defense strategy. CSA, as a practice, enables understanding of the current landscape within an organization or critical infrastructure, anticipating potential threats, and responding appropriately to cyber risks. With CSA, we are not simply seeking a passive point of view, but rather informed decision-making that allows us to improve response times and to monitor the consequences an attack has on one of our elements and how it will affect the other elements that element interacts with. In this paper, we review 5 CSA platforms, seeking differentiating characteristics between each proposal and outlining 6 proposed criteria that can be applied when creating a military smart CSA platform. To this end, we have validated the proposed criteria in CRUSOE, an open-source CSA platform developed by CSIRT-MU. After some modifications and experiments, CRUSOE proved to be applicable to this field.