RAND's Scalable Warning and Resilience Model (SWARM): Enhancing Defenders' Predictive Power in Cyberspace
Abstract
The evolving cyber threat landscape requires rapidly and constantly adapting cyberdefense solutions. The current strategies that defenders employ are based predominantly on detecting cyber incidents at the early or later stages of a cyberattack cycle but seldom prior to the delivery of a weaponized payload to the defenders networks. Other initial stages of a cyberattack cyclethe adversary conducting reconnaissance on the target, testing capabilities, establishing and maintaining infrastructure, or potential geopolitical trigger events occurringare not typically factored into defenders calculations when predicting or preventing cyber incidents. As a result, the model introduced in this report intends to enhance the predictive and anticipatory capabilities available to cyber defenders while also augmenting resilience by improving preventions and detections as early in Lockheed Martins Cyber Kill Chain framework as possible.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jan 01, 2021
- Accession Number
- AD1132722
Entities
People
- Adam S. Moore
- Billyana Lilly
- Daniel Weishoff
- Quentin E. Hodson
Organizations
- RAND Corporation