Adaptive Knowledge Encoding for Agile Cybersecurity Operations

An agile cybersecurity operation is the dynamic adaptability of security services and mechanisms including people, process, technology, and environment to ensure organizational efficacy. Two key roles in agile security operations are cybersecurity operators and cybersecurity analysts. Both are overwhelmed with data and information, but underwhelmed in knowledge and understanding. Adaptive knowledge encoding introduces cybersecurity decision patterns (CDPs) and a cybersecurity decision pattern language (CDPL) as formal knowledge representation and a formal knowledge repository to capture, codify, and share knowledge that supports cybersecurity operators and analysts ability to perform timely agile cybersecurity operations. The Knowledge Engineer applies CDPs and the CDPL to provide a cybersecurity cognitive schema that dynamically adapts by assimilating new CDPs in the CDPL structure and acclimating the CDPL structure to new knowledge. CDPs and the CDPL together with applied fundamentals of agile systems engineering help facilitate the design and sustainment of agile cybersecurity operations. Copyright © 2015 by Keith D. Willett, Rick Dove, and Mark Blackburn. Published and used by INCOSE with permission.