TREsPASS:
Technology-supported Risk Estimation by Predictive Assessment of Socio-technical Security
The TREsPASS research project (2012-16) included a work stream to explore the visualisation of cyber security risk. The goal of this work stream was to extend the state of the art in cyber security risk tools by developing visualisations that combine information visualisations with techniques from critical cartography and digital humanities to articulate different socio-technical dimensions of risk and provide tools through which to explore these dimensions. Three types of visualisation came out of there project: Artistic, articulating cultural dimensions of security risks; Journalistic, showing the relationships between risks and data flows within organisations and risk models; Scientific, quantifications of qualitative risk data, and attack and defence interactions. These all enable users to calculate risk from different perspectives and perform root cause analysis.