The Role of Catalogues of Threats and Security Controls in Security Risk Assessment: An Empirical Study with ATM Professionals

Cloud computing has been one of the major emerging technologies in recent years. However, for cloud computing, the risk assessment becomes more complex since there are several issues that likely emerged. In this paper, we survey the existing work on assessing security risks in cloud computing applications. Existing work does not address the dynamic nature of cloud applications and there is a need for methods that calculate the security risk factor dynamically. In this paper, we use the National Institute of Standards and Technology (NIST) Risk Management Framework and present a dynamic scenario-based methodology for risk assessment. The methodology is based using Bayesian networks to estimate the likelihood of cloud application security failure which enables us to compute the probability distribution of failures over variables of interest given the evidence. We illustrate the methodology using two case studies and highlight the significant risk factors. We also show the effect of using security controls in reducing the risk factors.

Download Full-text

Security Risk Assessment for Internet Of Things based Forest Fires Detection System

International Journal of Advanced Trends in Computer Science and Engineering ◽

10.30534/ijatcse/2020/315952020 ◽

2020 ◽

Vol 9 (5) ◽

pp. 9098-9104

Keyword(s):

Risk Assessment ◽

Internet Of Things ◽

Forest Fires ◽

Detection System ◽

Security Risk ◽

Security Risk Assessment

Download Full-text

Cyber-security risk assessment framework for critical infrastructures

Intelligent Automation & Soft Computing ◽

10.31209/2018.100000049 ◽

2018 ◽

pp. -1--1 ◽

Cited By ~ 2

Author(s):

Zubair Baig ◽

Sherali Zeadally

Keyword(s):

Risk Assessment ◽

Cyber Security ◽

Critical Infrastructures ◽

Assessment Framework ◽

Security Risk ◽

Security Risk Assessment

Download Full-text

Defense Transportation's EDI Program: A Security Risk Assessment

10.21236/ada268612 ◽

1993 ◽

Author(s):

Harold L. Frohman ◽

William R. Ledder

Keyword(s):

Risk Assessment ◽

Security Risk ◽

Security Risk Assessment

Download Full-text

Security Risk Assessment of Information Systems in an Indeterminate Environment

2021 11th International Conference on Cloud Computing, Data Science & Engineering (Confluence) ◽

10.1109/confluence51648.2021.9377129 ◽

2021 ◽

Author(s):

Basundhara Basumatary ◽

Chandan Kumar ◽

Dilip Kumar Yadav

Keyword(s):

Risk Assessment ◽

Information Systems ◽

Security Risk ◽

Security Risk Assessment

Download Full-text

Evolution of Safety and Security Risk Assessment methodologies to use of Bayesian Networks in Process Industries

Process Safety and Environmental Protection ◽

10.1016/j.psep.2021.03.031 ◽

2021 ◽

Author(s):

Priscilla Grace George ◽

V.R. Renjith

Keyword(s):

Risk Assessment ◽

Bayesian Networks ◽

Security Risk ◽

Process Industries ◽

Security Risk Assessment

Download Full-text

A Model-Data Integrated Cyber Security Risk Assessment Method for Industrial Control Systems

2018 IEEE 7th Data Driven Control and Learning Systems Conference (DDCLS) ◽

10.1109/ddcls.2018.8516022 ◽

2018 ◽

Author(s):

Yuan Peng ◽

Kaixing Huang ◽

Weixun Tu ◽

Chunjie Zhou

Keyword(s):

Risk Assessment ◽

Control Systems ◽

Cyber Security ◽

Assessment Method ◽

Security Risk ◽

Model Data ◽

Industrial Control ◽

Industrial Control Systems ◽

Risk Assessment Method ◽

Security Risk Assessment

Download Full-text