Browsing by Author "Rujirekh Saetiea"

Filter results by typing the first few letters
Now showing 1 - 1 of 1
  • No Thumbnail Available
    ItemOpen Access
    A study of cyber range functions in cybersecurity risk management by using the NIST framework
    (Mahidol University, 2023) Rujirekh Saetiea; Rojjalak Chuckpaiwong; Sotarat Thammaboosadee
    Technology has played a role in almost every organization, regardless of size, as an addition to some organizations, or as the core of some organizations, in response to the expanding business competition in the Internet world. Though technology develops rapidly, threats and attacks go beyond; organizations must adapt and prepare their resources, not only the technology used for protection but also the readiness and understanding of the risks from threats and attacks from employees throughout the organization. The purpose of this study was to research the capabilities of the Cyber Range platform where to help mitigate global cyber threats and the concept to perform cybersecurity risk assessment according to the National Institute of Standards and Technology (NIST) Cybersecurity Framework and special publication related to the risk management such as SP800-30 and SP800-39. This study selected the threat events for cyber-attacks are characterized by the tactics, techniques, and procedures (TTPs) employed by adversaries; after that, to conduct the cybersecurity risk assessment to come up with the potential impact, and the final step was mapping feature of Cyber Range to mitigate the risk. It was found risk level of the potential impact based on the cyber threat selected and guidance mapped Cyber Range to the organization that would like to start their risk management strategy. Implication of the thematic paper: The results provide suggestions and recommendations on how to start implement the risk management of organization in general using NIST framework and Cyber Range functions.