Prioritize When Patching Everything is Impossible!

摘要

Vulnerable critical networks are attractive targets for remote adversaries with different intentions. Towards enhancing resilience against extreme risks, such networks need to continuously assess their security posture and prioritize possible remediation actions based on security risk. The contribution of this work is to provide an integrated risk-based decision-support methodology for prioritizing risk remediation activities. Our methodology leverages the Time-To-Compromise security metric to quantitatively assess the compromise risk. Furthermore, it employs game-theory principles to model the strategic behaviour of the involved players (e.g., defender and attacker). The novelty of this approach lies in the way it integrates the risk attitude of the decision makers involved in the patch management operations across critical organizations into the prioritization process.