NIST offers a model for evaluating cybersecurity investment strategies in network security

NIST and university researchers have proposed a new computational model to assess the costs of cybersecurity in protecting networks.

The larger the network, the more opportunities there may be for threat actors to infiltrate, cause damage, or commit theft.

Today’s enterprise networks often provide a large attack surface, including Internet of Things (IoT) devices, mobile products, remote work tools, onsite and offsite services, and cloud systems.

It can be difficult for companies to determine which areas are most important in terms of cybersecurity investment, but a new calculation model could eliminate some assumptions.

Authored by US National Institute of Standards and Technology (NIST) researchers Van Sy Mai, Richard La, and Abdella Battou, a new paper published in IEEE/ACM Transactions on Networking, titled “Optimal Cybersecurity Investments in Large Networks Using SIS Model: Algorithm Design, “provides “a way to determine the optimal investments needed to minimize the costs of securing these networks, recovering from infections, and repairing their damage”.

The algorithm was designed with pandemic and disease tracking as inspiration. Viruses can spread in a population without immunity through social contact, and digital viruses can also spread through networks and system-to-system touchpoints if no protection is in place.

“A virus/malware infection in one system can spread internally, attack other systems, and potentially impact the entire system,” says NIST. “The problem is similar to that of the spread of disease in social networks.”

The model uses datasets based on a network’s long-term behavior to analyze large network systems and risk areas to generate key performance metrics.

While vaccination rate monitoring can be used to measure the impact of protection on the level of risk and the spread of a pandemic, in this study a time-averaged cost of security was imposed to protect different elements of a network, the overall objective being the development of cybersecurity investment strategies.

The researchers’ “susceptible-infected-susceptible” (SIS) model took into account the investments, economic losses and recovery requirements caused by malware infections.

Four algorithms assess the probabilities of network breaches, likely spread rates, how long – and how much it would cost – to repair the damage, and the expense associated with a full recovery.

These assessments were then compared against the model’s investment strategies, including network monitoring and diagnostics, to generate recommendations on the “optimal” areas where money should be spent to protect a network.

This study can highlight how machine learning could be leveraged to provide a foundation for cybersecurity investments in the future. It could also become a valuable tool for enterprise users in the future, who face an average cost of at least $4 million due to a data breach today.

In related news this month, NIST worked on improving product labeling for IoT devices and software to improve cybersecurity education and help consumers make better choices. enlightened.

See also

Do you have any advice? Get in touch securely via WhatsApp | Signal at +447713 025 499, or more at Keybase: charlie0

Kevin M. Risinger