| Over the past ten years, has society become better with cyber defense efforts? Today, cyber attackers still have the ability to penetrate network defenses as they did ten years ago. In fact, cyberattacks have increased 48% in 2014 from 2013, an average of 117,339 more attackers per day (White, 2014).;Cyber defense decision makers typically have a basic understanding of cybersecurity policy, their architecture, and systems. But as these systems evolve, they become disconnected and rely on hearsay and conjecture or make decisions using outdated or misrepresented data.;This paper presents a formalized approach to building a theoretical abstraction to help reduce the risk of miscommunication at the foundational level when beginning to create new cybersecurity policies. The paper will explain issues that arise from current methodologies. What is the gap in Cybersecurity and what elements build an effective cybersecurity policy. A step-by-step approach demonstrating the formalized approach to building informal scenarios of the current environment and converting it to formalized text. Once a product of formalized text is created, it can be modeled using a foundation of entity diagrams combined with Object Role Modeling (ORM). Models have been adjusted and created to enable the reader to model at a conceptual abstraction instead of the logical abstraction, with an emphasis on cybersecurity. The paper continues with the benefits of a model that helps reduce confusion.;The paper concludes with the future possibilities and uses of a conceptual formalized approach and potential deliverables and uses for the recommended approach.;Keywords: Attributes, base facts, conceptual, cybersecurity, entity, logical, ORM, physical relationship, Stephen Maher. |
