Enterprise Security Analysis and Training Experience

Conference paper

DOI: 10.1007/978-3-319-31664-2_21

Part of the Lecture Notes in Computer Science book series (LNCS, volume 8985)
Cite this paper as:
Ojamaa A., Tyugu E. (2016) Enterprise Security Analysis and Training Experience. In: Panayiotou C., Ellinas G., Kyriakides E., Polycarpou M. (eds) Critical Information Infrastructures Security. CRITIS 2014. Lecture Notes in Computer Science, vol 8985. Springer, Cham

Abstract

A holistic approach to security can be introduced by using a model that binds security measures with costs and security metrics. We describe exercises based on the graded security model, and supported by an expert system that are used for training both general managers and security experts. Trainees have to solve a number of problems under conditions that correspond to a realistic critical information infrastructure security planning situation, with the level of details depending on the expertise of trainees.

Keywords

Security training Graded security Security model 

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. 1.Institute of Cybernetics at Tallinn University of TechnologyTallinnEstonia

Personalised recommendations