Mission?centric decision support in cybersecurity via Bayesian Privilege Attack Graph

We present an approach to decision support in cybersecurity with respect cyber threats and stakeholders' requirements. situations which experts need take actions mitigate the risks, such as temporarily putting IT system out of operation, but consult them other stakeholders. propose a that uses mission decomposition model representing organization's functional security requirements on its infrastructure. Based state assessment, is, discovery vulnerabilities attacker's position, calculates resilience metrics for each infrastructure's configuration, how likely are they not be disrupted. The calculation is enabled by two novel formal models, Privilege-Exploit Attack Graph Bayesian Privilege Graph, reduce complex attack graphs into comprehensible bipartite graph. Moreover, illustrate impact exploiting attackers gaining privileges. recommends most resilient configurations both non-technical stakeholders, who may then choose configuration apply. Our illustrated case study real-world medical information system.