Outcomes

Wardley Maps for Security

View the original Working Session content
 

Description of session

This practical session on creating Wardley maps considered the following aspects of Wardley maps:

  • Shared and reviewed Wardley maps

    • Non-security specific
    • Across a number of different industries
    • Use-cases as examples of good mapping

    • High-level review of related articles to

    • Lay out processes or approaches to develop Wardley maps

    • Resources here

    • Analysed proposal for “map of security mapping”

    • Generated useful conversations

    • Sharing of insight in terms of

      • Positioning of elements on the map
      • Consensus -approach was appropriate and the elements relevant
      • See proposal
    • Presented a set of proposals on using Wardley Maps to capture security scenarios based on Cyber Essentials compliance, which covers:

    • Patch Management

    • User access control

    • Malware protection

    • Firewalls

    • Hardening/Secure Configuration.

Outcomes/Deliverables

  • Review and feedback on map of security mapping
  • Agreement on usefulness of maps for assessing particular parts of a security landscape
  • Following feedback received, the map was updated as follows:

Next steps

  • Update in the relevant section all the resources that were reviewed plus additional ones that were shared during the session
  • Add the security scenarios and use cases discussed in the meeting to an OSS template

Resources

See the session’s presentation on Slideshare

Session organiser(s)

Mario Platt Mario Platt , Tony Richards Tony Richards

Participants

Ben Schofield Ben Schofield , Emma Fang Emma Fang , Florian Buetow Florian Buetow , Hwee Ching Neo Hwee Ching Neo , Jean-Jacques MOIROUX Jean-Jacques MOIROUX , Nick Drage Nick Drage , Phil Huggins Phil Huggins , Roger Comastorres Roger Comastorres , Simon Wardley Simon Wardley , Yan Kravchenko Yan Kravchenko Avi Douglen Avi Douglen , Konstantinos Damianakis Konstantinos Damianakis , Luis Servin Luis Servin , Vinod Anandan Vinod Anandan

Attached materials: