Skip to Main Content
In the development of individual security concepts, risk-based information security management systems (ISMS)according to ISO 27001 have established themselves in addition to policies in the field of IT infrastructures. Particularly in the field of critical infrastructures, however, it has been shown that despite functioning security concepts, the Stuxnet virus was able to spread through industrial systems (infection). Nevertheless - the existing security concepts are not useless, but rarely take effect in behavioral risk. In this paper, we use the Trust/Investor game of the Game Theory to analyze the infection path. In general, the infection path is one game in a complex multi layer game. As a result, based on a Nash equilibrium, a cooperative solution is proposed to arm the existing IT security concepts against such infections.