Your search keyword '"Alexander Master"' showing total 3 results

1. Optimizing Cybersecurity Budgets with AttackSimulation

Author

Alexander Master, George Hamilton, and J. Eric Dietz

Subjects

Management Sciences and Quantitative Methods, budgeting, cybersecurity, evaluation research, probability, Information Security, computer simulation, threat modeling, data breaches, Defense and Security Studies, risk management

Abstract

Modern organizations need effective ways to assess cybersecurity risk. Successful cyber attacks can result in data breaches, which may inflict significant loss of money, time, and public trust. Small businesses and non-profit organizations have limited resources to invest in cybersecurity controls and often do not have the in-house expertise to assess their risk. Cyber threat actors also vary in sophistication, motivation, and effectiveness. This paper builds on the previous work of Lerums et al., who presented an AnyLogic model for simulating aspects of a cyber attack and the efficacy of controls in a generic enterprise network. This paper argues that their model is an effective quantitative means of measuring the probability of success of a threat actor and implements two primary changes to increase the model's accuracy. First, the authors modified the model's inputs, allowing users to select threat actors based on the organization's specific threat model. Threat actor effectiveness is evaluated based on publicly available breach data (in addition to security control efficacy), resulting in further refined attack success probabilities. Second, all three elements - threat effectiveness, control efficacy, and model variance - are computed and evaluated at each node to increase the estimation fidelity in place of pooled variance calculations. Visualization graphs, multiple simulation runs (up to 1 million), attack path customization, and code efficiency changes are also implemented. The result is a simulation tool that provides valuable insight to decision-makers and practitioners about where to most efficiently invest resources in their computing environment to increase cybersecurity posture. AttackSimulation and its source code are freely available on GitHub.

Published

2022

2. Password Managers: Secure Passwords the Easy Way

Author

Alexander Master

Subjects

Industry Best Practices, Cybersecurity, Community Education, Information Security, Information Literacy, Public Outreach, Passwords, Digital Authentication, Community-Based Learning

Abstract

Poor passwords are often the central problem identified when data breaches, ransomware attacks, and identity fraud cases occur. This Purdue Extension publication provides everyday users of Internet websites and computer systems with tools and strategies to protect their online accounts. Securing information access with password managers can be convenient and often free of cost, on a variety of devices and platforms. “Do’s and Don’ts” of password practices are highlighted, as well as the benefits of multi-factor authentication. The content is especially applicable for small businesses or non-profits, where employees often share access to systems or accounts.

Published

2022

3. Acceptability of donor funding for clinical trials in the UK: a qualitative empirical ethics study using focus groups to elicit the views of research patient public involvement group members, research ethics committee chairs and clinical researchers

Author

Simon Bowman, Heather Draper, Alexander Masters, Dominic Nutt, and Kirstie Shearman

Subjects

Medicine

Published

2022