
Research Article
Modelling Organizational Recovery
@INPROCEEDINGS{10.1007/978-3-030-97124-3_23, author={Adrian Baldwin and Tristan Caulfield and Marius-Constantin Ilau and David Pym}, title={Modelling Organizational Recovery}, proceedings={Simulation Tools and Techniques. 13th EAI International Conference, SIMUtools 2021, Virtual Event, November 5-6, 2021, Proceedings}, proceedings_a={SIMUTOOLS}, year={2022}, month={3}, keywords={Distributed systems Malware Modelling Recovery Compositionality Interfaces Organizations}, doi={10.1007/978-3-030-97124-3_23} }
- Adrian Baldwin
Tristan Caulfield
Marius-Constantin Ilau
David Pym
Year: 2022
Modelling Organizational Recovery
SIMUTOOLS
Springer
DOI: 10.1007/978-3-030-97124-3_23
Abstract
Organizations today face a significant set of sophisticated information security threats, including rapidly spreading malware that can affect many devices across the organization. The impacts of such attacks are amplified by customers’ rising expectations of high-quality and rapid delivery of products and services, as well as by organizational attempts to increase demand artificially. This leads to the development of defence mechanisms that prioritize availability and integrity for the sake of reducing the overall time of organizational recovery. However, such mechanisms and strategies around recovery must suit the organization that deploys them. Each organization will have different priorities in terms of budget, speed of recovery, and priority of services or devices, and all of these will be impacted by the architecture of the organization and its networks. In this paper, we show how modelling can play a role in helping organizations understand the consequences of the different recovery mechanisms and strategies available to them. We describe a rigorous modelling framework and methodology grounded in mathematical systems modelling and simulation, and present as an example a comparative analysis of recovery strategies and mechanisms on a medium-scale organization.