Cyber Risk Management for Critical Infrastructure: A Risk Analysis Model and Three Case Studies

Patè‐Cornell, M. Elisabeth; Kuypers, Marshall; Smith, Matthew D.; Keller, Philip

doi:10.1111/risa.12844

Cited by 108 publications

(56 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this regard, the usage of data collection and analysis related to the attacker may be essential to decision making. For example, such analysis may determine whether it is necessary to update the software of an existing cybersecurity system or to adopt a new one to stay ahead of cyber attackers trying to compromise a system (Paté-Cornell et al, 2017). Thus, proactive data gathering and analysis of attackers can help achieve both short-and long-term cyber risk management goals.…”

Section: Cyber Risk Management Problem Statementmentioning

confidence: 99%

Integrating a Proactive Technique Into a Holistic Cyber Risk Management Approach

Marotta¹,

McShane²

2018

Risk Manage Insurance Review

View full text Add to dashboard Cite

Cyber threats are an emerging risk posing a range of challenges to organizations of all sizes. Corporate risk managers need to understand that cyber risk management must not be a silo in the IT department. Cyber threats are the result of intelligent adaptive agents that cannot be managed by traditional risk management techniques only. The article describes the honeypot concept, which is a proactive measure for identifying and gathering information about attackers in order to develop suitable and effective countermeasures. In addition, this article proposes the integration of the honeypot concept into a cyber risk management approach based on the five preparedness mission areas of the Federal Emergency Management Agency (FEMA).

show abstract

Section: Cyber Risk Management Problem Statementmentioning

confidence: 99%

Integrating a Proactive Technique Into a Holistic Cyber Risk Management Approach

Marotta¹,

McShane²

2018

Risk Manage Insurance Review

View full text Add to dashboard Cite

show abstract

“…The suggested model allows the user to choose the optimal data partition and protection policy, an important task of cyber risk management (Paté‐Cornell, Kuypers, Smith, & Keller, ). In many cases cloud providers suggest to users several different options for data protection and attack detection (types of EWAs) at different price.…”

Section: Optimal Data Partition and Protection Policymentioning

confidence: 99%

Security of Separated Data in Cloud Systems with Competing Attack Detection and Data Theft Processes

2018

View full text Add to dashboard Cite

Empowered by virtualization technology, service requests from cloud users can be honored through creating and running virtual machines. Virtual machines established for different users may be allocated to the same physical server, making the cloud vulnerable to coresidence attacks where a malicious attacker can steal a user's data through co-residing their virtual machines on the same server. For protecting data against the theft, the data partition technique is applied to divide the user's data into multiple blocks with each being handled by a separate virtual machine. Moreover, early warning agents (EWAs) are deployed to possibly detect and prevent co-residence attacks at a nascent stage. This article models and analyzes the attack success probability (complement of data security) in cloud systems subject to competing attack detection process (by EWAs) and data theft process (by co-residence attackers). Based on the suggested probabilistic model, the optimal data partition and protection policy is determined with the objective of minimizing the user's cost subject to providing a desired level of data security. Examples are presented to illustrate effects of different model parameters (attack rate, number of cloud servers, number of data blocks, attack detection time, and data theft time distribution parameters) on the attack success probability and optimization solutions.

show abstract

“…Reliable models for the measure of the cyber risk are not available or have signi cant limitations, like the lack of generalization and the fact that most works consider only the analysis of past data to derive probabilistic models, while it is not clear how to obtain reliable estimates about future events [7,8]. Moreover, some quantitative approaches, like the well-known HTMA (how to measure anything) [9] and the FAIR [10] methods rely on a subjective evaluation of the likelihood of an event (in particular, of the probability of a successful attack due to a certain threat) given by a team of experts [11,12]. ese kinds of probabilities usually show some level of inaccuracy and should be replaced by more objective models.…”

Section: Introductionmentioning

confidence: 99%

A Data-Driven Approach to Cyber Risk Assessment

Santini

Gottardi

Baldi

et al. 2019

Security and Communication Networks

View full text Add to dashboard Cite

Cyber risk assessment requires defined and objective methodologies; otherwise, its results cannot be considered reliable. The lack of quantitative data can be dangerous: if the assessment is entirely qualitative, subjectivity will loom large in the process. Too much subjectivity in the risk assessment process can weaken the credibility of the assessment results and compromise risk management programs. On the other hand, obtaining a sufficiently large amount of quantitative data allowing reliable extrapolations and previsions is often hard or even unfeasible. In this paper, we propose and study a quantitative methodology to assess a potential annualized economic loss risk of a company. In particular, our approach only relies on aggregated empirical data, which can be obtained from several sources. We also describe how the method can be applied to real companies, in order to customize the initial data and obtain reliable and specific risk assessments.

show abstract

Cyber Risk Management for Critical Infrastructure: A Risk Analysis Model and Three Case Studies

Cited by 108 publications

References 11 publications

Integrating a Proactive Technique Into a Holistic Cyber Risk Management Approach

Integrating a Proactive Technique Into a Holistic Cyber Risk Management Approach

Security of Separated Data in Cloud Systems with Competing Attack Detection and Data Theft Processes

A Data-Driven Approach to Cyber Risk Assessment

Contact Info

Product

Resources

About