Access the full text.
Sign up today, get DeepDyve free for 14 days.
D. Milea (2017)
Hypothesis in threat hunting
R. Solms, J. Niekerk (2013)
From information security to cyber securityComput. Secur., 38
Daniele Bertoglio, A. Zorzo (2017)
Overview and open issues on penetration testJournal of the Brazilian Computer Society, 23
Kenneth Geers (2010)
Live Fire Exercise: Preparing for Cyber WarJournal of Homeland Security and Emergency Management, 7
Anna Ståhlbröst, Josefin Lassinantti (2015)
Leveraging Living Lab Innovation Processes through CrowdsourcingTechnology Innovation Management Review, 5
Filip Caron, J. Vanthienen, B. Baesens (2013)
Comprehensive rule-based compliance checking and risk management with process miningDecis. Support Syst., 54
Md. Miazi, Mir Pritom, Mohamed Shehab, Bill Chu, Jinpeng Wei (2017)
The Design of Cyber Threat Hunting Games: A Case Study2017 26th International Conference on Computer Communication and Networks (ICCCN)
Gerald Brown, W. Carlyle, J. Salmerón, Kevin Wood (2005)
Analyzing the Vulnerability of Critical Infrastructure to Attack and Planning Defenses
(2006)
Fixing the problem of analytical mindsets
S. Granger (2001)
Social engineering fundamentals, part I hacker tactics
M. Granåsen, Dennis Andersson (2016)
Measuring team effectiveness in cyber-defense exercises: a cross-disciplinary case studyCognition, Technology & Work, 18
Anuja Arora (2012)
Web Application Testing: A Review on Techniques, Tools and State of Art
H. Boyes (2015)
Cybersecurity and Cyber-Resilient Supply ChainsTechnology Innovation Management Review, 5
A. Saad, Ali Al-Ghamdi (2013)
A Survey on Software Security Testing Techniques
Sajad Homayoun, A. Dehghantanha, Marzieh Ahmadzadeh, S. Hashemi, R. Khayami (2018)
Know Abnormal, Find Evil: Frequent Pattern Mining for Ransomware Threat Hunting and IntelligenceIEEE Transactions on Emerging Topics in Computing, 8
M. Imran, S. Badshah (2012)
Vibration Analysis of an Ocean Current Turbine BladeInternational journal of scientific and engineering research, 3
Vagner Gonçalves, M. Delamaro, Fátima Nunes (2017)
Applying graphical oracles to evaluate image segmentation resultsJournal of the Brazilian Computer Society, 23
J. Stevens (2015)
Hunting for the undefined threat: advanced analytics and visualization
Defense Sciences Board (2003)
10.21236/ADA430100
(2017)
XSS to root in apache jira incident
Achim Brucker, U. Sodan (2014)
Deploying Static Application Security Testing on a Large Scale
(2018)
Emerging software testing technologies
M. Bishop (2007)
About Penetration TestingIEEE Security & Privacy, 5
Ola Surakhi, A. Hudaib, M. Alshraideh, Mohammad Khanafseh (2017)
A Survey on Design Methods for Secure Software Development, 16
Didier Stevens (2011)
Malicious PDF Documents ExplainedIEEE Security & Privacy, 9
(2016)
iso/IEC 27000:2016
(2016)
Fuzzing
J. Diamant (2011)
Resilient Security Architecture: A Complementary Approach to Reducing VulnerabilitiesIEEE Security & Privacy, 9
The purpose of this paper is to highlight the potential of cyber-testing techniques in assessing the effectiveness of cyber-security controls and obtaining audit evidence.Design/methodology/approachThe paper starts with an identification of the applicable cyber-testing techniques and evaluates their applicability to generally accepted assurance schemes and cyber-security guidelines.FindingsCyber-testing techniques are providing insight in the effectiveness of the actual implementation of cyber-security controls, which may significantly deviate from the conceptual designs of these controls. Furthermore, cyber-testing techniques could provide concise input for cyber-risk management and improvement recommendations.Originality/valueThe presented cyber-testing techniques could complement traditional process-oriented assurance techniques with specialized technical analyses of real-world implementations that focus on the adversaries’ viewpoint.
Managerial Auditing Journal – Emerald Publishing
Published: May 12, 2021
Keywords: Cyber risk; Cyber security; IT audit; Cyber assurance; Cyber resilience; Cyber security testing
Read and print from thousands of top scholarly journals.
Already have an account? Log in
Bookmark this article. You can see your Bookmarks on your DeepDyve Library.
To save an article, log in first, or sign up for a DeepDyve account if you don’t already have one.
Copy and paste the desired citation format or use the link below to download a file formatted for EndNote
Access the full text.
Sign up today, get DeepDyve free for 14 days.
All DeepDyve websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.