Anticipation in cyber-security
<p>Organisations, governments and users are increasingly vulnerable to cyberattacks, which effects may range from threatening the foundation of modern information society, to causing catastrophic failure of nation-wide critical infrastructure. As a result, a great deal of effort has been given...
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Book section |
| Language: | English |
| Published: |
Springer
2017
|
| _version_ | 1797107013253070848 |
|---|---|
| author | Ahrend, JM Jirotka, M |
| author2 | Poli, R |
| author_facet | Poli, R Ahrend, JM Jirotka, M |
| author_sort | Ahrend, JM |
| collection | OXFORD |
| description | <p>Organisations, governments and users are increasingly vulnerable to cyberattacks, which effects may range from threatening the foundation of modern information society, to causing catastrophic failure of nation-wide critical infrastructure. As a result, a great deal of effort has been given to mitigating the risks stemming from cyber-attacks and has established the field of cyber-security. To defend against cyber-attacks, defenders are required to foresee threat actors’ actions some way in advance to implement protective means. This interdependency places anticipatory practice at the heart of cyber-security. Despite the importance of these activities, little work exists that considers the details of anticipatory practices in cyber-security.</p>
<p>This chapter explores how a forward-looking stance and the use of that forward-looking stance to affect a change in the present are a key concept and goal of cyber-security. Literature on anticipation in cyber-security is reviewed and its importance illustrated through the use of a detailed case study. In this study, we draw upon empirical accounts of five cyber-threat analysts’ day-to-day practices to explore how futures are envisioned and used in the attempt to protect cyber-space.</p>
<p>We find that anticipation of the future is, under different names, a well-considered stance in cyber-security that attracts attention from practitioners and theorists alike. The practices that were uncovered proved to be highly anticipatory in nature. Defenders take an “attack attitude”, where they aim to envision possible future attack behaviours to inform their defence responses. Analysts engage in external and internal knowledge acquisition activities to obtain knowledge about the attack and defence space and anticipate the future. Yet, obtaining this knowledge presents a major challenge due to the ambiguity and amount of information available. We conclude that improving cyber-defenders’ anticipatory capabilities may enhance the overall sense-making process and improve decision-making.</p> |
| first_indexed | 2024-03-07T07:10:36Z |
| format | Book section |
| id | oxford-uuid:4d0dc247-e32c-4a9e-9fbc-1bdacc54a05e |
| institution | University of Oxford |
| language | English |
| last_indexed | 2024-03-07T07:10:36Z |
| publishDate | 2017 |
| publisher | Springer |
| record_format | dspace |
| spelling | oxford-uuid:4d0dc247-e32c-4a9e-9fbc-1bdacc54a05e2022-06-17T15:27:45ZAnticipation in cyber-securityBook sectionhttp://purl.org/coar/resource_type/c_3248uuid:4d0dc247-e32c-4a9e-9fbc-1bdacc54a05eEnglishSymplectic Elements at OxfordSpringer2017Ahrend, JMJirotka, MPoli, R<p>Organisations, governments and users are increasingly vulnerable to cyberattacks, which effects may range from threatening the foundation of modern information society, to causing catastrophic failure of nation-wide critical infrastructure. As a result, a great deal of effort has been given to mitigating the risks stemming from cyber-attacks and has established the field of cyber-security. To defend against cyber-attacks, defenders are required to foresee threat actors’ actions some way in advance to implement protective means. This interdependency places anticipatory practice at the heart of cyber-security. Despite the importance of these activities, little work exists that considers the details of anticipatory practices in cyber-security.</p> <p>This chapter explores how a forward-looking stance and the use of that forward-looking stance to affect a change in the present are a key concept and goal of cyber-security. Literature on anticipation in cyber-security is reviewed and its importance illustrated through the use of a detailed case study. In this study, we draw upon empirical accounts of five cyber-threat analysts’ day-to-day practices to explore how futures are envisioned and used in the attempt to protect cyber-space.</p> <p>We find that anticipation of the future is, under different names, a well-considered stance in cyber-security that attracts attention from practitioners and theorists alike. The practices that were uncovered proved to be highly anticipatory in nature. Defenders take an “attack attitude”, where they aim to envision possible future attack behaviours to inform their defence responses. Analysts engage in external and internal knowledge acquisition activities to obtain knowledge about the attack and defence space and anticipate the future. Yet, obtaining this knowledge presents a major challenge due to the ambiguity and amount of information available. We conclude that improving cyber-defenders’ anticipatory capabilities may enhance the overall sense-making process and improve decision-making.</p> |
| spellingShingle | Ahrend, JM Jirotka, M Anticipation in cyber-security |
| title | Anticipation in cyber-security |
| title_full | Anticipation in cyber-security |
| title_fullStr | Anticipation in cyber-security |
| title_full_unstemmed | Anticipation in cyber-security |
| title_short | Anticipation in cyber-security |
| title_sort | anticipation in cyber security |
| work_keys_str_mv | AT ahrendjm anticipationincybersecurity AT jirotkam anticipationincybersecurity |