The state of the art in the management of risks is heavily dependent on experts and can only depict static situations. CRISCROSS develops, partly further and partly anew, a software tool which aggregates intelligence about systems, threats, vulnerabilities and attacks on these systems to a dynamic, nation-wide, situational overview.
To depict cyber-situations accurately, knowledge about systems, the threats posed to them, their vulnerabilities and already occurred attacks against these systems has to be accumulated in a nation-wide situation-overview. The basis for the scientific development of this nation-wide situation-overview has been laid by the KIRAS-project „STRATFÜSYS“ and was further developed by the KIRAS-project GeRiAn „Gesamtsaatliche Risiko- und Bedrohungsanalyse“. In these projects, it was demonstrated that the creation of a nation-wide risks- and threats- analysis (a „system of risks“) would be an indispensable supplement of the current security- political situation. It is the task of this system for risk-analysis to provide leadership- and management systems with risks-evaluation as a basis for strategic decisions.
To undertake a state-wide risk- and threat-analysis, cooperation and a wide range of sources is required in order to integrate experts from administration, economics and science into the analysis process and obtain information from already existing technical cyber-situational overviews. These sources provide the indicators which are supposed to enable short- and long- term risk-, threat- and trend analysis. Especially the harmonisation of indicators is a crucial task due to the variety of sources; available data has to be edited to guarantee legibility in middle and higher management.
Therefore, within the recommended project, a tool based on key figures will be developed, which on the one hand depicts risks in a scorecard and, on the other hand, enables for politicians a continuous collection, edition and harmonisation of information, an evaluation of risks and threats – as a strategic planning-tool and ad-hoc-information-system to support decision making. It is crucial for the success of the tool to create interfaces (for the import and export of data) so that risk-evaluation and changes to risks can be incorporated as soon as possible into already existing analysis-systems on various layers of decision-planning and -making.
Through an exemplary training-concept, which will be conceived in the recommended project, this tool will become a companion for experts, decision makers and crisis management so that in the event of crisis rapid and efficient decisions can be taken.
Dr. Markus Gruber, Research Industrial Engineering (RISE) Forschungs-, Entwicklungs- und Großprojektberatung GmbH
Repuco Unternehmensberatung GmbH
AIT Austrian Institute of Technology GmbH
SBA Research gemeinnützige GmbH
Wirtschaftsuniversität Wien – Department für Informationsverarbeitung und Prozessmanagement
Name des/der EinreicherIn und/oder ProjektleiterIn: Dr. Markus Gruber
Concorde Business Park F, 2320