ADDRR: A counter kill chain cyber security model

Alex Henneberg

Cyber Security: A Peer-Reviewed Journal, 2020, vol. 3, issue 3, 233-255

Abstract: In his book Black Box Thinking, Matthew Syed compares the open approach the aviation industry takes in learning from disasters with the response often taken by the medical profession — the latter more reluctant to investigate incidents and share findings. The ADDRR model introduced in this paper advocates taking aviation’s ‘black box’ approach by having the tenacity to investigate the cause of breaches, learn from mistakes and share lessons learned. This will help all organisations improve their security posture. The ever-changing cyber threat environment also means that current models that guide defence strategies and tactics (for example Lockheed Martin’s Cyber Kill Chain Model and frameworks such as NIST) cannot remain static. The ADDRR model’s contribution to evolving cyber security thinking can be summarised in five key messages: 1) invest in a beefed-up ‘assess’ function that is thirsty for understanding and intelligence sharing; 2) incorporate a new ‘redesign’ objective that demands business and technology teams work together to create more secure products, processes and services that earn trust and generate sustainable growth; 3) consider the maturity and effectiveness of your investments in the five layers of the ADDRR model (assess, defend, detect, respond, redesign) and in protecting against five threat vectors (internal, external, third parties, compliance, IoT/OT devices); 4) mature your SOC capability into a ‘cyber nerve centre’ (incorporating automation and AI) that proactively manages the security of IT, facilities and business operations and provides the Board with a 360-degree view of its business resilience and cyber risk posture; and 5) evaluate the value to the business from investment in security and translate the greater resilience and lower risk/cost of a breach into Goodwill and shareholder value. The final message is a positive one. By introducing a redesign function, the model harnesses the creativity of the human resources of an organisation and gives employees, partners and customers the opportunity to work together to generate new services and stronger, more resilient businesses and ecosystems.

Keywords: cyber; security frameworks; cyber operations; vulnerability assessments; kill chain; maturity model; resilience
JEL-codes: M15
Date: 2020

Downloads: (external link)
https://hstalks.com/article/5404/download/ (application/pdf)
https://hstalks.com/article/5404/ (text/html)
Requires a paid subscription for full access.


Persistent link: https://EconPapers.repec.org/RePEc:aza:csj000:y:2020:v:3:i:3:p:233-255


More articles in Cyber Security: A Peer-Reviewed Journal from Henry Stewart Publications
Bibliographic data for series maintained by Henry Stewart Talks.

 
Page updated 2025-03-19
Handle: RePEc:aza:csj000:y:2020:v:3:i:3:p:233-255