KIRAS Security Research

2017

CRISCROSS

The state of the art in the management of risks is heavily dependent on experts and can only depict static situations. CRISCROSS develops, partly further and partly anew, a software tool which aggregates intelligence about systems, threats, vulnerabilities and attacks on these systems to a dynamic, nation-wide, situational overview.

To depict cyber-situations accurately, knowledge about systems, the threats posed to them, their vulnerabilities and already occurred attacks against these systems has to be accumulated in a nation-wide situation-overview. The basis for the scientific development of this nation-wide situation-overview has been laid by the KIRAS-project „STRATFÜSYS“ and was further developed by the KIRAS-project GeRiAn „Gesamtsaatliche Risiko- und Bedrohungsanalyse“. In these projects, it was demonstrated that the creation of a nation-wide risks- and threats- analysis (a „system of risks“) would be an indispensable supplement of the current security- political situation.  It is the task of this system for risk-analysis to provide leadership- and management systems with risks-evaluation as a basis for strategic decisions.

To undertake a state-wide risk- and threat-analysis, cooperation and a wide range of sources is required in order to integrate experts from administration, economics and science into the analysis process and obtain information from already existing technical cyber-situational overviews. These sources provide the indicators which are supposed to enable short- and long- term risk-, threat- and trend analysis. Especially the harmonisation of indicators is a crucial task due to the variety of sources; available data has to be edited to guarantee legibility in middle and higher management.

Therefore, within the recommended project, a tool based on key figures will be developed, which on the one hand depicts risks in a scorecard and, on the other hand, enables for politicians a continuous collection, edition and harmonisation of information, an evaluation of risks and threats – as a strategic planning-tool and ad-hoc-information-system to support decision making. It is crucial for the success of the tool to create interfaces (for the import and export of data) so that risk-evaluation and changes to risks can be incorporated as soon as possible into already existing analysis-systems on various layers of decision-planning and -making.

Through an exemplary training-concept, which will be conceived in the recommended project, this tool will become a companion for experts, decision makers and crisis management so that in the event of crisis rapid and efficient decisions can be taken. 

Project partner 
Dr. Markus Gruber, Research Industrial Engineering (RISE) Forschungs-,    Entwicklungs- und Großprojektberatung GmbH

Consortium  
Repuco Unternehmensberatung GmbH
AIT Austrian Institute of Technology GmbH
SBA Research gemeinnützige GmbH
Wirtschaftsuniversität Wien – Department für Informationsverarbeitung und Prozessmanagement  

Contact  
Name des/der EinreicherIn und/oder ProjektleiterIn: Dr. Markus Gruber
Concorde Business Park F, 2320
Schwechat, Austria

Mobile: +43 664 608444 1149
Fax: +43 1 5057473
E-Mail: markus.gruber@riseworld.com 
Web:www.rise-world.com 

print