Assessing and forecasting cybersecurity impacts
Cyberattacks constitute a major threat to most organizations. Beyond financial consequences, they may entail multiple impacts that need to be taken into account when making risk management decisions to allocate the required cybersecurity resources. Experts have traditionally focused on a technical p...
| Autores: | , , |
|---|---|
| Tipo de recurso: | artículo |
| Fecha de publicación: | 2020 |
| País: | España |
| Institución: | Consejo Superior de Investigaciones Científicas (CSIC) |
| Repositorio: | DIGITAL.CSIC. Repositorio Institucional del CSIC |
| OAI Identifier: | oai:digital.csic.es:10261/347765 |
| Acceso en línea: | http://hdl.handle.net/10261/347765 https://api.elsevier.com/content/abstract/scopus_id/85098555888 |
| Access Level: | acceso abierto |
| Palabra clave: | Cybersecurity Expert judgement Forecasting Multiattribute utility Risk management |
| Sumario: | Cyberattacks constitute a major threat to most organizations. Beyond financial consequences, they may entail multiple impacts that need to be taken into account when making risk management decisions to allocate the required cybersecurity resources. Experts have traditionally focused on a technical perspective of the problem by considering impacts in relation with the confidentiality, integrity, and availability of information. We adopt a more comprehensive approach identifying a broader set of generic cybersecurity objectives, the corresponding set of attributes, and relevant forecasting and assessment models. These are used as basic ingredients for decision support in cybersecurity risk management. |
|---|