University of Illinois at Urbana-Champaign
A U.S. Department of Homeland Security Center of Excellence
Critical Infrastructure Resilience Institute

Cyber Risk Scoring and Mitigation for Resilient Cyber Infrastructure

1 pm CT, December 13, 2018

Download the presentation

Overview

Security metrics play a key role in supporting cyber risk management and mitigation decisions for critical infrastructures. The availability of quantitative insights ensures operational resilience and assist in the development of cost-effective mitigation plan.  The resilient operation of critical infrastructures will depend on tools that can aid in continuous cyber resilience assessment.  In this talk, I will present theoretical techniques and tools for security risk scoring and prioritized cyber defense remediation plan for effective cyber risk management.  I will present cyber risk scoring techniques based on attack and vulnerability graph modeling and cyber defense remediation technique based on optimal resource allocation modeling.  I will also present the Cyber Risk Scoring and Mitigation (CRISM) tool that provides cyber risk scores and a prioritized mitigation plan based on vulnerability detection, attack graph modeling, and risk assessment. I will also highlight the technology transition activities aimed at evaluating the commercial viability of the CRISM tool for the healthcare sector. A demonstration of the CRISM tool will conclude the talk.

Presenter

Photo of Sachin Shetty
Photo of Sachin Shetty

Sachin Shetty is an Associate Professor in the Virginia Modeling, Analysis, and Simulation Center and holds a joint appointment with the Department of Modeling, Simulation and Visualization Engineering at Old Dominion University. Sachin Shetty received Ph.D. in Modeling and Simulation from the Old Dominion University in 2007.  Prior to joining Old Dominion University, he was an Associate Professor with the Electrical and Computer Engineering Department at Tennessee State University. His research interests lie at the intersection of computer networking, network security, and machine learning. His research has been sponsored by the National Science Foundation, Air Office of Scientific Research, Air Force Research Lab, Office of Naval Research, Department of Homeland Security, and Boeing. He has published over 140 research articles in journals and conference proceedings and two books. He is the recipient of DHS Scientific Leadership Award and has been inducted in Tennessee State University’s million-dollar club.