A Method for Developing Algorithms for Assessing Cyber-Risk Cost

Erdogan, Gencer; Gonzalez, Alejandra; Refsdal, Atle; Seehusen, Fredrik

doi:10.1109/qrs.2017.29

Cited by 2 publications

(1 citation statement)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…An interesting observation regarding the origin of the data is that each of the primary studies used, on average, more than one data source for deriving their indicators (Figure 10). For example, the approach presented by Erdogan et al [37] reports four data sources as input for cyber-risk assessment (network layer monitoring indicators, application layer monitoring indicators, security test results and business-related information obtained from stakeholders). While we did not record whether these previous studies have shared the datasets openly with others, the benefits of collecting and sharing such data are pointed out by Moore et al [38] and Zheng et al [16].…”

Section: Rq 3: What Is the Origin Of The Data For The Indicators?mentioning

confidence: 99%

A Systematic Mapping Study on Cyber Security Indicator Data

et al. 2021

Self Cite

View full text Add to dashboard Cite

A security indicator is a sign that shows us what something is like or how a situation is changing and can aid us in making informed estimations on cyber risks. There are many different breeds of security indicators, but, unfortunately, they are not always easy to apply due to a lack of available or credible sources of data. This paper undertakes a systematic mapping study on the academic literature related to cyber security indicator data. We identified 117 primary studies from the past five years as relevant to answer our research questions. They were classified according to a set of categories related to research type, domain, data openness, usage, source, type and content. Our results show a linear growth of publications per year, where most indicators are based on free or internal technical data that are domain independent. While these indicators can give valuable information about the contemporary cyber risk, the increasing usage of unconventional data sources and threat intelligence feeds of more strategic and tactical nature represent a more forward-looking trend. In addition, there is a need to take methods and techniques developed by the research community from the conceptual plane and make them practical enough for real-world application.

show abstract

Section: Rq 3: What Is the Origin Of The Data For The Indicators?mentioning

confidence: 99%