Cyber Risk Assessment Checklist Profi le and Questionnaire

2013 ◽  
pp. 102-107
Keyword(s):  
Risk Assessment ◽  
Cyber Risk

scholarly journals Epistemological Equation for Analysing Uncontrollable States in Complex Systems: Quantifying Cyber Risks from the Internet of Things

2021 ◽  
Author(s):  
Petar Radanliev ◽  
David De Roure ◽  
Pete Burnap ◽  
Omar Santos
Keyword(s):  
Risk Assessment ◽  
Internet Of Things ◽  
Empirical Analysis ◽  
Quantitative Risk Assessment ◽  
The Internet ◽  
Self Assessment ◽  
Target State ◽  
Epistemological Analysis ◽  
Cyber Risk ◽  
The Internet Of Things

AbstractThe Internet-of-Things (IoT) triggers data protection questions and new types of cyber risks. Cyber risk regulations for the IoT, however, are still in their infancy. This is concerning, because companies integrating IoT devices and services need to perform a self-assessment of its IoT cyber security posture. At present, there are no self-assessment methods for quantifying IoT cyber risk posture. It is considered that IoT represent a complex system with too many uncontrollable risk states for quantitative risk assessment. To enable quantitative risk assessment of uncontrollable risk states in complex and coupled IoT systems, a new epistemological equation is designed and tested though comparative and empirical analysis. The comparative analysis is conducted on national digital strategies, followed by an empirical analysis of cyber risk assessment approaches. The results from the analysis present the current and a target state for IoT systems, followed by a transformation roadmap, describing how IoT systems can achieve the target state with a new epistemological analysis model. The new epistemological analysis approach enables the assessment of uncontrollable risk states in complex IoT systems—which begin to resemble artificial intelligence—and can be used for a quantitative self-assessment of IoT cyber risk posture.

scholarly journals Qualitative Risk Assessment of Cybersecurity and Development of Vulnerability Enhancement Plans in Consideration of Digitalized Ship

2021 ◽  
Vol 9 (6) ◽  
pp. 565
Author(s):  
Yunja Yoo ◽  
Han-Seon Park
Keyword(s):  
Risk Assessment ◽  
Safety Management ◽  
International Standards ◽  
Security Risk ◽  
Analytic Hierarchy ◽  
Improvement Plan ◽  
Qualitative Risk Assessment ◽  
Cyber Risk ◽  
Hierarchy Process ◽  
Ship Safety

The International Maritime Organization (IMO) published the Guidelines on Maritime Cyber Risk Management in 2017 to strengthen cybersecurity in consideration of digitalized ships. As part of these guidelines, the IMO recommends that each flag state should integrate and manage matters regarding cyber risk in the ship safety management system (SMS) according to the International Safety Management Code (ISM Code) before the first annual verification that takes place on or after 1 January 2021. The purpose of this paper is to identify cybersecurity risk components in the maritime sector that should be managed by the SMS in 2021 and to derive priorities for vulnerability improvement plans through itemized risk assessment. To this end, qualitative risk assessment (RA) was carried out for administrative, technical, and physical security risk components based on industry and international standards, which were additionally presented in the IMO guidelines. Based on the risk matrix from the RA analysis results, a survey on improving cybersecurity vulnerabilities in the maritime sector was conducted, and the analytic hierarchy process was used to analyze the results and derive improvement plan priority measures.

A functional approach to cyber risk assessment

2021 ◽  
Author(s):  
Giulia Rafaiani ◽  
Massimo Battaglioni ◽  
Marco Baldi ◽  
Franco Chiaraluce ◽  
Giovanni Libertini ◽  
...  
Keyword(s):  
Risk Assessment ◽  
Functional Approach ◽  
Cyber Risk

Cyber Risk Assessment and Mitigation (CRAM) Framework Using Logit and Probit Models for Cyber Insurance

2017 ◽  
Vol 21 (5) ◽  
pp. 997-1018 ◽  
Author(s):  
Arunabha Mukhopadhyay ◽  
Samir Chatterjee ◽  
Kallol K. Bagchi ◽  
Peteer J. Kirs ◽  
Girja K. Shukla
Keyword(s):  
Risk Assessment ◽  
Cyber Insurance ◽  
Probit Models ◽  
Logit And Probit Models ◽  
Cyber Risk

A Fuzzy Cyber-Risk Analysis Model for Assessing Attacks on the Availability and Integrity of the Military Command and Control Systems

2015 ◽  
pp. 1231-1245
Author(s):  
Madjid Tavana ◽  
Dawn A. Trevisani ◽  
Dennis T. Kennedy
Keyword(s):  
Risk Assessment ◽  
Command And Control ◽  
Financial Impact ◽  
Analysis Model ◽  
External Threats ◽  
Human Decision ◽  
Military Command ◽  
And Control ◽  
The Military ◽  
Cyber Risk

The increasing complexity in Military Command and Control (C2) systems has led to greater vulnerability due to system availability and integrity caused by internal vulnerabilities and external threats. Several studies have proposed measures of availability and integrity for the assets in the C2 systems using precise and certain measures (i.e., the exact number of attacks on the availability and the integrity, the number of countermeasures for the availability and integrity attacks, the effectiveness of the availability and integrity countermeasure in eliminating the threats, and the financial impact of each attack on the availability and integrity of the assets). However, these measures are often uncertain in real-world problems. The source of uncertainty can be vagueness or ambiguity. Fuzzy logic and fuzzy sets can represent vagueness and ambiguity by formalizing inaccuracies inherent in human decision-making. In this paper, the authors extend the risk assessment literature by including fuzzy measures for the number of attacks on the availability and the integrity, the number of countermeasures for the availability and integrity attacks, and the effectiveness of the availability and integrity countermeasure in eliminating these threats. They analyze the financial impact of each attack on the availability and integrity of the assets and propose a comprehensive cyber-risk assessment system for the Military C2 in the fuzzy environment.

Cyber Risk Assessment of Networked Cyber Assets using Probabilistic Model Checking

2019 ◽  
Author(s):  
Anand Handa ◽  
Subhasis Mukhopadhyay ◽  
Shankhadip Mallick ◽  
Nitesh Kumar ◽  
Sandeep K. Shukla ◽  
...  
Keyword(s):  
Risk Assessment ◽  
Model Checking ◽  
Probabilistic Model ◽  
Probabilistic Model Checking ◽  
Cyber Risk
Sign in / Sign up

Export Citation Format

Share Document