Managing Cyber Security Debt: Strategies for Identification, Prioritisation, and Mitigation
Zapisane w:
| Wydane w: | International Conference on Cyber Warfare and Security (Mar 2024), p. 439 |
|---|---|
| 1. autor: | |
| Kolejni autorzy: | |
| Wydane: |
Academic Conferences International Limited
|
| Hasła przedmiotowe: | |
| Dostęp online: | Citation/Abstract Full Text Full Text - PDF |
| Etykiety: |
Nie ma etykietki, Dołącz pierwszą etykiete!
|
MARC
| LEADER | 00000nab a2200000uu 4500 | ||
|---|---|---|---|
| 001 | 3082337023 | ||
| 003 | UK-CbPIL | ||
| 035 | |a 3082337023 | ||
| 045 | 2 | |b d20240301 |b d20240331 | |
| 084 | |a 142229 |2 nlm | ||
| 100 | 1 | |a Coetzer, Christo |u University of the Western Cape, Cape Town, South Africa | |
| 245 | 1 | |a Managing Cyber Security Debt: Strategies for Identification, Prioritisation, and Mitigation | |
| 260 | |b Academic Conferences International Limited |c Mar 2024 | ||
| 513 | |a Conference Proceedings | ||
| 520 | 3 | |a This paper explores cyber security debt, a technical debt arising from unaddressed security vulnerabilities in an organisation's IT systems. These vulnerabilities accumulate due to resource limitations, time constraints, and expertise gaps, potentially leading to security breaches and data compromises. The paper outlines the cyber security debt management process involving identification, prioritisation, and mitigation strategies. Drawing parallels to financial debt, the authors emphasise the escalating risks of delaying cyber security debt repayment. The paper underscores the significance of diligent debt management in maintaining digital resilience and mitigating cyber threats. The increasing interconnectedness of systems and rapid software development has given rise to a hidden challenge known as cyber security debt. Cyber security debt is posed as a subset of technical debt, encompassing the accumulation of security vulnerabilities within an organisation's IT infrastructure and applications. Drawing a parallel between cyber security debt and its financial counterpart, the authors underscore the grave risks of deferring debt repayment. Just as financial debt accrues interest, unresolved security vulnerabilities compound over time, elevating the likelihood of breaches and data exposure. A poignant case study of the Equifax breach exemplifies the real-world consequences of neglecting security debt management. The failure to patch a well-known vulnerability led to a colossal data breach, highlighting the urgency of addressing security weaknesses promptly. Complex in nature, cyber security debt materialises when organisations fail to address vulnerabilities during various operational life cycles. These vulnerabilities might remain concealed within IT architecture, legacy code, or third-party libraries, posing a formidable challenge to detection and resolution. By understanding the parallels between financial and cyber security debt and proactively managing the latter, organisations can enhance their ability to safeguard against evolving cyber threats and maintain a robust security posture. | |
| 653 | |a Cybersecurity | ||
| 653 | |a Debt management | ||
| 653 | |a Software development | ||
| 653 | |a Software engineering | ||
| 653 | |a Accumulation | ||
| 653 | |a Life cycles | ||
| 653 | |a Threats | ||
| 653 | |a Case studies | ||
| 653 | |a Debt | ||
| 653 | |a Management | ||
| 653 | |a Internet | ||
| 653 | |a Software | ||
| 653 | |a Identification | ||
| 653 | |a Security | ||
| 653 | |a Resilience | ||
| 653 | |a Mitigation | ||
| 653 | |a Infrastructure | ||
| 653 | |a Libraries | ||
| 653 | |a Data | ||
| 653 | |a Connectedness | ||
| 653 | |a Urgency | ||
| 653 | |a Prioritizing | ||
| 700 | 1 | |a Leenen, Louise |u University of the Western Cape, Cape Town, South Africa | |
| 773 | 0 | |t International Conference on Cyber Warfare and Security |g (Mar 2024), p. 439 | |
| 786 | 0 | |d ProQuest |t Political Science Database | |
| 856 | 4 | 1 | |3 Citation/Abstract |u https://www.proquest.com/docview/3082337023/abstract/embedded/ZKJTFFSVAI7CB62C?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text |u https://www.proquest.com/docview/3082337023/fulltext/embedded/ZKJTFFSVAI7CB62C?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text - PDF |u https://www.proquest.com/docview/3082337023/fulltextPDF/embedded/ZKJTFFSVAI7CB62C?source=fedsrch |