R. Kranenburg, Rohit Bohara, Raphael Yahalom, M. Ross
{"title":"网络弹性,中小企业的社会情境意识","authors":"R. Kranenburg, Rohit Bohara, Raphael Yahalom, M. Ross","doi":"10.1109/CSR57506.2023.10225011","DOIUrl":null,"url":null,"abstract":"In our paper, we describe the landscape that has led to the realization from the nineties of the last century that cyber is a social good: “Cyber is a social good, “said Cybersecurity and Infrastructure Security Agency Director Jen Easterly. “It's about societal resilience. And my last message (at CES 2023) is that we need to fundamentally change the relationship between government and industry.” This realization is build upon the belief that trust can be reinvented on three levels: that of data chains in devices, information chains in the supply chain (can I trust my supplier, my client), and trust in the realness, the ‘reality’ level of the contexts evoked by these chains in an age of deep fakes, Chat GPT and the Metaverse. We argue that there is a crisis of trust on all levels, a crisis which inevitability is part of the digital turn itself. As we move, as Mark Weiser wrote in his seminal text The Computer for the 21st century, to a form of computing that will disappear into “the fabric of everyday life”, and will only succeed as a success when it disappears fully from the experience of humans. It is the infrastructure itself that acquires a new layer and becomes ‘smart’. It has become an integral part of society that was before governed by rules of the kinetic realities of the world. These rules were built with certain threats in mind. The hybrid reality, layers of analogue/kinetic that interact sometimes, leads to new everyday practices that become social behavior. Leveling new threats then indeed becomes a social good. We argue that this is especially the case for small and medium-sized enterprises (SMEs), who by forming 99% of all business in Europe, not only pose a large fragmented threat vector, but also they are fighting cybercrime in isolation. We purpose a novel solution to exchange cybersecurity risk information with context among SMEs in a peer to peer mesh network. Additionally, a graph based risk analysis and prioritization method which takes into account the context information of assets and their environment.","PeriodicalId":354918,"journal":{"name":"2023 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Cyber Resilience, Societal Situational Awareness for SME\",\"authors\":\"R. Kranenburg, Rohit Bohara, Raphael Yahalom, M. Ross\",\"doi\":\"10.1109/CSR57506.2023.10225011\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In our paper, we describe the landscape that has led to the realization from the nineties of the last century that cyber is a social good: “Cyber is a social good, “said Cybersecurity and Infrastructure Security Agency Director Jen Easterly. “It's about societal resilience. And my last message (at CES 2023) is that we need to fundamentally change the relationship between government and industry.” This realization is build upon the belief that trust can be reinvented on three levels: that of data chains in devices, information chains in the supply chain (can I trust my supplier, my client), and trust in the realness, the ‘reality’ level of the contexts evoked by these chains in an age of deep fakes, Chat GPT and the Metaverse. We argue that there is a crisis of trust on all levels, a crisis which inevitability is part of the digital turn itself. As we move, as Mark Weiser wrote in his seminal text The Computer for the 21st century, to a form of computing that will disappear into “the fabric of everyday life”, and will only succeed as a success when it disappears fully from the experience of humans. It is the infrastructure itself that acquires a new layer and becomes ‘smart’. It has become an integral part of society that was before governed by rules of the kinetic realities of the world. These rules were built with certain threats in mind. The hybrid reality, layers of analogue/kinetic that interact sometimes, leads to new everyday practices that become social behavior. Leveling new threats then indeed becomes a social good. We argue that this is especially the case for small and medium-sized enterprises (SMEs), who by forming 99% of all business in Europe, not only pose a large fragmented threat vector, but also they are fighting cybercrime in isolation. We purpose a novel solution to exchange cybersecurity risk information with context among SMEs in a peer to peer mesh network. Additionally, a graph based risk analysis and prioritization method which takes into account the context information of assets and their environment.\",\"PeriodicalId\":354918,\"journal\":{\"name\":\"2023 IEEE International Conference on Cyber Security and Resilience (CSR)\",\"volume\":\"5 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-07-31\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 IEEE International Conference on Cyber Security and Resilience (CSR)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSR57506.2023.10225011\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 IEEE International Conference on Cyber Security and Resilience (CSR)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSR57506.2023.10225011","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
摘要
在我们的论文中,我们描述了从上世纪90年代开始,导致人们认识到网络是一种社会公益的情况:“网络是一种社会公益,”网络安全和基础设施安全局局长珍·伊斯特利(Jen Easterly)说。“这与社会韧性有关。我(在CES 2023上)最后想说的是,我们需要从根本上改变政府和行业之间的关系。”这种认识是建立在信任可以在三个层面上重塑的信念之上的:设备中的数据链,供应链中的信息链(我能信任我的供应商,我的客户吗),以及对真实性的信任,在深度造假时代,这些链所唤起的上下文的“现实”层面,Chat GPT和Metaverse。我们认为,在所有层面上都存在信任危机,这种危机不可避免地是数字化转型本身的一部分。正如马克·威瑟(Mark Weiser)在其开创性著作《21世纪的计算机》(The Computer for The 21st century)中所写的那样,随着我们的发展,一种计算形式将消失在“日常生活的结构”中,只有当它完全从人类的体验中消失时,它才会取得成功。基础设施本身获得了一个新的层次,变得“智能”。它已经成为社会不可分割的一部分,而在此之前,它是由世界动态现实的规则所支配的。这些规则是在考虑到某些威胁的情况下制定的。混合现实,模拟/动态的层次有时会相互作用,导致新的日常实践成为社会行为。制造新的威胁确实对社会有益。我们认为,对于中小企业(sme)来说尤其如此,这些企业占欧洲所有企业的99%,不仅构成了大量分散的威胁载体,而且还在孤立地打击网络犯罪。我们的目的是一种新颖的解决方案,在点对点网状网络中交换网络安全风险信息。此外,基于图的风险分析和优先级排序方法考虑了资产及其环境的上下文信息。
Cyber Resilience, Societal Situational Awareness for SME
In our paper, we describe the landscape that has led to the realization from the nineties of the last century that cyber is a social good: “Cyber is a social good, “said Cybersecurity and Infrastructure Security Agency Director Jen Easterly. “It's about societal resilience. And my last message (at CES 2023) is that we need to fundamentally change the relationship between government and industry.” This realization is build upon the belief that trust can be reinvented on three levels: that of data chains in devices, information chains in the supply chain (can I trust my supplier, my client), and trust in the realness, the ‘reality’ level of the contexts evoked by these chains in an age of deep fakes, Chat GPT and the Metaverse. We argue that there is a crisis of trust on all levels, a crisis which inevitability is part of the digital turn itself. As we move, as Mark Weiser wrote in his seminal text The Computer for the 21st century, to a form of computing that will disappear into “the fabric of everyday life”, and will only succeed as a success when it disappears fully from the experience of humans. It is the infrastructure itself that acquires a new layer and becomes ‘smart’. It has become an integral part of society that was before governed by rules of the kinetic realities of the world. These rules were built with certain threats in mind. The hybrid reality, layers of analogue/kinetic that interact sometimes, leads to new everyday practices that become social behavior. Leveling new threats then indeed becomes a social good. We argue that this is especially the case for small and medium-sized enterprises (SMEs), who by forming 99% of all business in Europe, not only pose a large fragmented threat vector, but also they are fighting cybercrime in isolation. We purpose a novel solution to exchange cybersecurity risk information with context among SMEs in a peer to peer mesh network. Additionally, a graph based risk analysis and prioritization method which takes into account the context information of assets and their environment.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
