Cognitive and Economic Decision Theory for Examining Cyber Defense Strategies   [open pdf - 2MB]

From the Introduction: "Cyber attacks pose a major threat to modern organizations. These attacks can have nefarious aims and serious consequences, including disruption of operations, espionage, identity theft, and attacks on critical infrastructure. Organizations must put substantial resources into protecting themselves and their customers, clients, and others against cyber attacks. Even with a substantial investment in cyber defense resources, however, the risk of harm from a cyber attack is significant for many organizations. The effectiveness of cyber defense can likely be enhanced if programs are implemented that allow organizations that face similar cyber threats to share information and resources. The threats faced by different organizations may be similar or identical (figure 1), and much of the work done by cyber defenders at these organizations may be redundant (Hui et al. 2010). By sharing information about cyber attacks, effective defense strategies, and personnel with specific expertise, organizations may better protect themselves against cyber threats while maintaining or even reducing the resources dedicated to cyber security."

Report Number:
Sandia Report 2014-0442: SAND2014-0442498310
Public Domain
Retrieved From:
U.S. Department of Energy, Office of Scientific and Technical Information: http://www.osti.gov/
Media Type:
Help with citations