CRISCROSS - Crisismanagment/RISkanalysis - CROSSover system

To depict cyber-situations accurately, knowledge about systems, the threats posed to them, their vulnerabilities and already occurred attacks against these systems has to be accumulat-ed in a nation-wide situation-overview. The basis for the scientific development of this nation-wide situation-overview has been laid by the KIRAS-project "STRATFÜSYS" and was further developed by the KIRAS-project GeRiAn "Gesamtsaatliche Risiko- und Bedrohungsanalyse". In these projects, it was demonstrated that the creation of a nation-wide risks- and threats-analysis (a "system of risks") would be an indispensable supplement of the current security-political situation. It is the task of this system for risk-analysis to provide leadership- and man-agement systems with risks-evaluation as a basis for strategic decisions. To undertake a state-wide risk- and threat-analysis, cooperation and a wide range of sources is required in order to integrate experts from administration, economics and science into the analysis process and obtain information from already existing technical cyber-situational overviews. These sources provide the indicators which are supposed to enable short- and longterm risk-, threat- and trend analysis. Especially the harmonisation of indicators is a cru-cial task due to the variety of sources; available data has to be edited to guarantee legibility in middle and higher management. Therefore, within the recommended project, a tool based on key figures will be developed, which on the one hand depicts risks in a scorecard and, on the other hand, enables for politi-cians a continuous collection, edition and harmonisation of information, an evaluation of risks and threats – as a strategic planning-tool and ad-hoc-information-system to support decision making. It is crucial for the success of the tool to create interfaces (for the import and export of data) so that risk evaluation and changes to risks can be incorporated as soon as possible into already existing analysis-systems on various layers of decision-planning and -making. Through an exemplary training-concept, which will be conceived in the recommended pro-ject, this tool will become a companion for experts, decision makers and crisis management so that in the event of crisis rapid and efficient decisions can be taken.