Artikel
A multivariate Mmdel to quantify and mitigate cybersecurity risk
The cost of cybersecurity incidents is large and growing. However, conventional methods for measuring loss and choosing mitigation strategies use simplifying assumptions and are often not supported by cyber attack data. In this paper, we present a multivariate model for different, dependent types of attack and the effect of mitigation strategies on those attacks. Utilising collected cyber attack data and assumptions on mitigation approaches, we look at an example of using the model to optimise the choice of mitigations. We find that the optimal choice of mitigations will depend on the goal-to prevent extreme damages or damage on average. Numerical experiments suggest the dependence aspect is important and can alter final risk estimates by as much as 30%. The methodology can be used to quantify the cost of cyber attacks and support decision making on the choice of optimal mitigation strategies.
- Sprache
-
Englisch
- Erschienen in
-
Journal: Risks ; ISSN: 2227-9091 ; Volume: 8 ; Year: 2020 ; Issue: 2 ; Pages: 1-20 ; Basel: MDPI
- Klassifikation
-
Wirtschaft
- Thema
-
cyber risk
optimal mitigations
value at risk (VaR)
operational risk
- Ereignis
-
Geistige Schöpfung
- (wer)
-
Bentley, Mark
Stephenson, Alec
Toscas, Peter
Zhu, Zili
- Ereignis
-
Veröffentlichung
- (wer)
-
MDPI
- (wo)
-
Basel
- (wann)
-
2020
- DOI
-
doi:10.3390/risks8020061
- Handle
- Letzte Aktualisierung
-
20.09.2024, 08:21 MESZ
Datenpartner
ZBW - Deutsche Zentralbibliothek für Wirtschaftswissenschaften - Leibniz-Informationszentrum Wirtschaft. Bei Fragen zum Objekt wenden Sie sich bitte an den Datenpartner.
Objekttyp
- Artikel
Beteiligte
- Bentley, Mark
- Stephenson, Alec
- Toscas, Peter
- Zhu, Zili
- MDPI
Entstanden
- 2020
Ähnliche Objekte (12)
Cybersecurity
Cybersecurity
Cybersecurity
Cybersecurity Risk
Cybersecurity & Datenschutz
Managing dependencies in automotive cybersecurity through assumptions, cybersecurity claims and modular cybersecurity cases
Cybersecurity als Unternehmensleitungsaufgabe
Cybersecurity in Germany
Automotive Cybersecurity Pocket Guide
Artificial Intelligence and Cybersecurity
Cybersecurity and financial stability
Automotive Cybersecurity-Managementsystem-Audit
Cybersecurity
Cybersecurity
Cybersecurity
Cybersecurity Risk
Cybersecurity & Datenschutz
Managing dependencies in automotive cybersecurity through assumptions, cybersecurity claims and modular cybersecurity cases
Cybersecurity als Unternehmensleitungsaufgabe
Cybersecurity in Germany
Automotive Cybersecurity Pocket Guide
Artificial Intelligence and Cybersecurity
Cybersecurity and financial stability
Automotive Cybersecurity-Managementsystem-Audit
Cybersecurity
Cybersecurity
Cybersecurity
Cybersecurity Risk
Cybersecurity & Datenschutz
Managing dependencies in automotive cybersecurity through assumptions, cybersecurity claims and modular cybersecurity cases
Cybersecurity als Unternehmensleitungsaufgabe
Cybersecurity in Germany
Automotive Cybersecurity Pocket Guide
Artificial Intelligence and Cybersecurity
Cybersecurity and financial stability