Understanding and prioritising cyberattack paths amid growing organisational complexity

Abstract

This paper explores the role of attack path modelling (APM) in modern cyber security, addressing the challenges posed by the rapidly evolving digital landscape. It provides a comprehensive overview of APM frameworks and their application in identifying and prioritising potential attack paths. The challenges associated with manual APM efforts, the need for standardisation and the potential for innovation in automated APM tools are examined throughout. Drawing from real-world examples, the paper demonstrates the practical implications of APM in dissecting attack components and mitigating risks. It emphasises the dual approach of human-led APM initiatives and the integration of APM functionality in technical solutions, advocating for improved hygiene with manual and periodic APM assessments that can be optimised with advanced SecOps APM tooling. The paper serves as a general resource for all cyber security practitioners, providing insights into the historical context, frameworks and practical challenges of APM. The paper describes the significance of human-led APM initiatives, using open frameworks to enhance cyber security posture. Furthermore, the paper explores the evolving landscape of APM tools, anticipating their integration with big data platforms and artificial intelligence (AI) for comprehensive security analyses. This paper presents insights into the current state of cyber security, the practical applications of APM frameworks, and the potential future developments in APM technology.