Cybersecurity Assessment Parameter Profile (CAPP). A Tool for Making Sense of Cybersecurity Assessments

Abstract

This paper seeks to answer three core questions: How can decision makers (1) identify the salient differences between existing cybersecurity assessments; (2) select the most appropriate cybersecurity assessments for their missions, resources, and constraints; and (3) find and fill gaps in the cybersecurity assessment ecosystem? The framework uses a cohesive set of eight parameters to characterize cybersecurity assessments, and introduces the Cybersecurity Assessment Parameters Profile (CAPP) tool, which aids decision makers in applying the parameters to cybersecurity assessments. Each parameter is a non-categorical spectrum, whose extremes offer both utility and limitations. Each parameter offers a meaningful choice for cybersecurity decision makers, as every parameter value is desirable for some assessment scenario.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Mar 28, 2018
Accession Number
AD1049123

Entities

People

  • Scott L. Russell
  • Steven C. Jackson

Organizations

  • Naval Surface Warfare Center

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Authentication
  • Complex Systems
  • Control Systems
  • Cybersecurity
  • Delphi Method
  • Engineering
  • Failure Mode And Effect Analysis
  • Identification
  • Information Security
  • Information Systems
  • Organizational Structure
  • Risk Analysis
  • Risk Management
  • Standards
  • Systems Engineering
  • Test And Evaluation
  • Vulnerability

Fields of Study

  • Computer science

Readers

  • Computational Modeling and Simulation
  • Defense Technology Research and Development.
  • Team-Based Human-Centered Cognitive Task Decision Making and Information Performance.

Technology Areas

  • Cyber