Decisions & Disruptions 2: Decide Harder: A custom cyber security incident response exercise

Ben Shreeve, Joe Gardiner, Joseph Hallett, Awais Rashid, David Humphries

Research output: Contribution to conferenceConference Paperpeer-review

Abstract

Cyber incident response is critical to business continuity -- we describe a new exercise that challenges professionals to play the role of Chief Information Security Officer (CISO) for a major financial organisation. Teams must decide how organisational team and budget resources should be deployed across Enterprise Architecture (EA) upgrades and cyber incidents. Every choice made has an impact -- some prevent whilst others may trigger new or continue current attacks. We explain how the underlying platform supports these interactions through a reactionary event mechanism that introduces events based on the current attack surface of the organisation. We explore how our platform manages to introduce randomness on top of triggered events to ensure that the exercise is not deterministic and better matches incidents in the real world. We conclude by describing next steps for the exercise and how we plan to use it in the future to better understand risk decision making.
Original languageEnglish
Number of pages7
DOIs
Publication statusPublished - 6 Aug 2023
EventWorkshop on Deconstructing Gamified Approaches to Security and Privacy - Anaheim, CA
Duration: 6 Aug 20236 Aug 2023
https://www.usenix.org/conference/soups2023/call-for-workshops-submissions#dgasp

Conference

ConferenceWorkshop on Deconstructing Gamified Approaches to Security and Privacy
Abbreviated titleDGASP
Period6/08/236/08/23
Internet address

Fingerprint

Dive into the research topics of 'Decisions & Disruptions 2: Decide Harder: A custom cyber security incident response exercise'. Together they form a unique fingerprint.

Cite this