In today’s “Cyber-Society,” an enterprise faces numerous Cybersecurity challenges as Cybercriminals, hackers, and insider threats constantly threaten to compromise the Confidentiality, Integrity, and Availability (CIA) of the enterprise’s assets and data.
This research presents a Dynamic Framework system that has a proactive security concept as opposed to the traditional reactive approach. This Dynamic Framework system minimizes the risks that Cybercriminals, hackers, and insider threats pose to an enterprise’s CIA.
The Dynamic Framework system is mapped to the National Institute of Standards and Technology’s (NIST) Risk Framework (RF), is designed based on three functional Controls (Preventive, Detective and Corrective), enables an enterprise to develop a healthier Cyber Hygiene (CH) through continuous monitoring of its assets, and is capable of ensuring a proper alignment between the business functionality and Cybersecurity missions of an enterprise. Furthermore, although the Dynamic Framework system was developed based the Financial Services Sector’s vulnerabilities, its functionality applies to all enterprises.
This research recognizes that the current Cybersecurity practices are insufficient to prevent a Cyber-Attack, respond to a Cyber-Attack, and, most importantly, remain resilient during a Cyber-Attack. The purpose of the Dynamic Framework system is to recommend a new and near-future Cyber-Ecosystem (CE), which an enterprise in the Financial Services Sector, or other sectors, can use to improve its security posture.
|Advisor:||Murphree, Lile, Jr., Mazzuchi, Thomas A.|
|Commitee:||Mazzuchi, Thomas Andrew, Murphree, Lile, Jr., Narahari, Bhagirath, Sarkani, Shahram, Stone, Michael J.|
|School:||The George Washington University|
|Department:||Engineering Mgt and Systems Engineering|
|School Location:||United States -- District of Columbia|
|Source:||DAI-B 77/12(E), Dissertation Abstracts International|
|Subjects:||Information Technology, Criminology, Computer science|
|Keywords:||Continuous monitoring, Cybersecurity, Information security, Insider threats, Security, System security|
Copyright in each Dissertation and Thesis is retained by the author. All Rights Reserved
The supplemental file or files you are about to download were provided to ProQuest by the author as part of a
dissertation or thesis. The supplemental files are provided "AS IS" without warranty. ProQuest is not responsible for the
content, format or impact on the supplemental file(s) on our system. in some cases, the file type may be unknown or
may be a .exe file. We recommend caution as you open such files.
Copyright of the original materials contained in the supplemental file is retained by the author and your access to the
supplemental files is subject to the ProQuest Terms and Conditions of use.
Depending on the size of the file(s) you are downloading, the system may take some time to download them. Please be