Cyber Common Operating Pictures (CCOP)

Cyber security threats reside in various parts of an organisation. The lack of tools to provide a sense of cyber Situational Awareness (SA) is identified as one of the main barriers of effective and efficient cyber security monitoring and decision making. SA concerns the capability to answer what is happening in cyberspace, why is it happening and how to mitigate the effects of an undesirable incident. Situational awareness is critical for securing the enterprise's critical infrastructure. Cyber Common Operating Picture (CCOP) has been recently proposed as a mean to enhance Cyber Situational Awareness (CSA). CCOP captures and presents the current security status of an organisation’s systems, services, and networks for its security staff and decision makers including senior management. CCOP is expected to help organisational security staff and managers to assess risks, allocate resources, and alter the state of operations of the organisation in response to the real and potential security risks. The goal of this research is to build and rigorously evaluate novel approaches, metrics, and technological infrastructure for providing a highly configurable Platform for CCOP that will enhance CSA in an organisation and allow them to redefine how they manage cyber security.