Efficient response to IT security incidents in transnational supply chains
Abstract
In Austria and Germany, the number of cyber threats is on the rise, and there have been incidents in both countries that threaten the security of civil society. Cyber threats have the potential to cause lasting disruption to businesses and entire supply chains, and recovery is not easy. As a result, such events can have serious consequences for individuals, businesses, and government organizations. For this reason, both Germany and Austria have invested significantly in corporate IT security in recent years, also under the influence of the EU with the NIS Directive, especially in critical infrastructures, regulating them and also developing national capabilities to detect and defend against threats from the digital space. The next step for both countries is to create awareness of cyber incident response and build competencies in this regard in order to restore the availability of services or critical infrastructure as quickly as possible in the event of a threat, a goal that competes with the desire for thorough analysis and court-proof documentation. The CONTAIN project therefore aims to raise awareness of incident response issues and subsequent processes, and to define software engineering tools and corresponding reference processes. It pursues the following three main goals: (1) reduce the impact of cyber attacks, (2) reduce the number and criticality of successful cyber attacks, and (3) increase the efficiency of cyber attack detection in terms of rate and effort. CONTAIN focuses on the processes and procedures necessary to respond resiliently to IT security incidents, minimize their impact, remediate vulnerabilities, and increase the robustness and sovereignty of systems. For this purpose, CONTAIN plans to utilize serious games, games with a first purpose, to challenge the behaviors of users, analyze, define and validate processes (operational processes and decision-making processes), define and validate crisis management, and coordinate actors and their responsibilities.
Finally, the resulting simulation model is used to identify critical processes, as well as any resource and capacity bottlenecks. From these, relevant options for optimizing processes are derived that are particularly suitable for small and medium-sized enterprises. The application domain of the project is transport and traffic, which represents a critical infrastructure at the German, Austrian and also European level.
Keywords: IT-Security, Supply Chain Management, Computer-Based Simulation, Optimization Algorithms, Crisis Management
Publications
Project staff
Patrick Hirsch
Assoc. Prof. Priv.-Doz. Mag. Dr. Patrick Hirsch
patrick.hirsch@boku.ac.at
Tel: +43 1 47654-73419
Project Leader
01.03.2023 - 28.02.2025
Larissa Schachenhofer
Dipl.-Ing. Larissa Schachenhofer B.Sc. MA
larissa.schachenhofer@boku.ac.at
Tel: +43 1 47654-73417
Project Staff
01.03.2023 - 28.02.2025
BOKU partners
External partners
Bundesministerium für Landesverteidigung und Sport | none | partner
AIT Austrian Institute of Technology GmbH | none | coordinator
Gartner KG | none | partner
Kwizda Holding GmbH | none | partner
Roland Spedition GmbH | none | partner
team Technology Management GmbH | none | partner
Vienna Centre for Societal Security | none | partner
University of Vienna | none | partner