Author
Abstract
In his book Black Box Thinking, Matthew Syed compares the open approach the aviation industry takes in learning from disasters with the response often taken by the medical profession — the latter more reluctant to investigate incidents and share findings. The ADDRR model introduced in this paper advocates taking aviation’s ‘black box’ approach by having the tenacity to investigate the cause of breaches, learn from mistakes and share lessons learned. This will help all organisations improve their security posture. The ever-changing cyber threat environment also means that current models that guide defence strategies and tactics (for example Lockheed Martin’s Cyber Kill Chain Model and frameworks such as NIST) cannot remain static. The ADDRR model’s contribution to evolving cyber security thinking can be summarised in five key messages: 1) invest in a beefed-up ‘assess’ function that is thirsty for understanding and intelligence sharing; 2) incorporate a new ‘redesign’ objective that demands business and technology teams work together to create more secure products, processes and services that earn trust and generate sustainable growth; 3) consider the maturity and effectiveness of your investments in the five layers of the ADDRR model (assess, defend, detect, respond, redesign) and in protecting against five threat vectors (internal, external, third parties, compliance, IoT/OT devices); 4) mature your SOC capability into a ‘cyber nerve centre’ (incorporating automation and AI) that proactively manages the security of IT, facilities and business operations and provides the Board with a 360-degree view of its business resilience and cyber risk posture; and 5) evaluate the value to the business from investment in security and translate the greater resilience and lower risk/cost of a breach into Goodwill and shareholder value. The final message is a positive one. By introducing a redesign function, the model harnesses the creativity of the human resources of an organisation and gives employees, partners and customers the opportunity to work together to generate new services and stronger, more resilient businesses and ecosystems.
Suggested Citation
Henneberg, Alex, 2020.
"ADDRR: A counter kill chain cyber security model,"
Cyber Security: A Peer-Reviewed Journal, Henry Stewart Publications, vol. 3(3), pages 233-255, March.
Handle:
RePEc:aza:csj000:y:2020:v:3:i:3:p:233-255
Download full text from publisher
As the access to this document is restricted, you may want to search for a different version of it.
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:aza:csj000:y:2020:v:3:i:3:p:233-255. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
We have no bibliographic references for this item. You can help adding them by using this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Henry Stewart Talks (email available below). General contact details of provider: .
Please note that corrections may take a couple of weeks to filter through
the various RePEc services.