Robert Lagerström

The number of cyber-attacks is growing in scale and almost every day we hear how companies, local government authorities and organisations are exposed. The attack surface is growing as digitalisation gathers pace, while at the same time there is greater internal cyber complexity and escalating international threat scenarios.

Robert Lagerström and his colleagues have developed a method and framework where cyber security can be analysed in large-scale IT environments. Using this, a model of an organisation’s cyber environment can automatically be created. The model can then automatically be analysed. As the analysis is based on simulations, uncertainties – regarding both the analysis and input data –can be managed.

There are several advantages of using a model where the environment is not impacted. Nothing can be destroyed by mistake when testing the environment, and changes can be tested in advance before being implemented in a live IT environment.

The results are developed, tested and validated together with organisations, large and small, through projects at both national and international level. The framework and method have been tested for various IT environments, including automotive, banking and finance, power systems, and cloud infrastructure.