Impact assessment of cyber attacks: A quantification study on power generation systems

Tatar, Unal; Bahşi, Hayretdin; Gheorghe, Adrian V.

doi:10.1109/sysose.2016.7542959

Cited by 10 publications

(5 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There is a good discussion in [30] on this topic, while Eling and Wirfs (2019) [31] provide some distributions calculated on experienced operational cyberlosses. Tatar et al (2020) [32] have developed a model for the Society of Actuaries that can be deployed in an insurance context to describe the specific attack vectors of an organization's systems that would potentially combined well with the model in this paper.…”

Section: Discussionmentioning

confidence: 99%

Pricing cyber-insurance for systems via maturity models

Skeoch¹,

Pym²

2023

Preprint

View full text Add to dashboard Cite

Risks associated with information technology systems present a complex modelling challenge, combining the disciplines of operations management, security, and economics. The challenge is to establish a representation of an organization's operational and systems architecture that allows an assessment of the security postures of its various components able to support an assessment of its insurance risk. This work proposes a socioeconomic model for cyber-insurance decisions compromised of entity relationship diagrams, security maturity models, and economic models, thereby linking systemstype and economic approaches to cyber-security assessments. The concept of a cyber-loss-adjuster is introduced, who reconciles cyber-incidents with economic losses. The work aims to bridge a number of disciplines to partly address a longstanding research challenge of accounting for organizational structure in the design and pricing of cyber-insurance. It is important to note the following: insurance companies have long experience of the magnitude and frequency of losses that arise in organizations based on their size, industry sector, and location. Consequently, their calculations of premia will start from a baseline determined by these considerations. The contribution of the methodology proposed here is to provide a framework for calculating the effects of cyber-based risk on the frequency and magnitude of losses. This is achieved through a security analysis of the relationship between the operational structure of an organization and its information systems. It also provides a consistent means for those seeking insurance to describe and understand their security posture and for an insurance company to price its offer of coverage.1 Comprehensive reviews of the cyber-insurance literature can be found in Eling et al ( 2016)[2], Marotta et al (2017) [3], Aziz (2020) [4] and Skeoch (2022) [5] 2 See, for example, Woods et al (2017) [7] and Romanosky et al (2019) [8] 1

show abstract

Section: Discussionmentioning

confidence: 99%

Pricing cyber-insurance for systems via maturity models

Skeoch¹,

Pym²

2023

Preprint

View full text Add to dashboard Cite

show abstract

“…We begin by reviewing how cyber-attacks affects critical infrastructures and their negative impact on grid operations. Power generation and distribution companies are the targets for cyberattack; usually, the attacker aims to disrupt or destroy industrial control systems [82]. Secondly, we also specifically look at the application of Information technology from the perspective of the smart grid with its security implications.…”

Section: Discussionmentioning

confidence: 99%

Critical Infrastructure Cybersecurity Challenges: IoT in Perspective

Matey¹,

Danquah²,

Koi-Akrofi³

et al. 2021

IJNSA

View full text Add to dashboard Cite

A technology platform that is gradually bridging the gap between object visibility and remote accessibility is the Internet of Things (IoT). Rapid deployment of this application can significantly transform the health, housing, and power (distribution and generation) sectors, etc. It has considerably changed the power sector regarding operations, services optimization, power distribution, asset management and aided in engaging customers to reduce energy consumption. Despite its societal opportunities and the benefits it presents, the power generation sector is bedeviled with many security challenges on the critical infrastructure. This review discusses the security challenges posed by IoT in power generation and critical infrastructure. To achieve this, the authors present the various IoT applications, particularly on the grid infrastructure, from an empirical literature perspective. The authors concluded by discussing how the various entities in the sector can overcome these security challenges to ensure an exemplary future IoT implementation on the power critical infrastructure value chain.

show abstract

“…The governance aspects of CS have been investigated in businesses that are multidisciplinary by nature, and the use of various cybernetics models has been proposed in national CS risk management processes for continuous and good CS management by taking advantage of multidisciplinary cooperation, speech, target guidance, and dynamic feedback control aspects of cybernetics (Tatar et al. 2016 ; Vinnakota, 2016 ).…”

Section: Findings and Reviewmentioning

confidence: 99%

“…( 2015 ) Tatar et al. ( 2016 ) De Bruin and von Solms ( 2015 ) Lam ( 2016 ) 2 Mačák ( 2016 ) Vinnakota ( 2016 ) Machado ( 2015 ) Spremić and Šimunic ( 2018 ) 3 Güler and Arkın ( 2019 ) Rondelez ( 2018 ) Von Solms ( 2016 ) Christensen and Liebetrau ( 2019 ) 4 Aldemir and Kaya ( 2020 ) Pontbriand ( 2020 ) Carrapico and Barrinha ( 2018 ) Renaud et al. ( 2019 ) 5 – – Whyte ( 2018 ) Eldem ( 2020 ) 6 – – Thuraisingham ( 2019 ) – A&CoCs analysis and control of cybersecurity, GoCs governance of cybersecurity, CsGS&M cybersecurity governance strategies and methodologies, RoCsGitF reflections of cybersecurity governance in the field …”

Section: Findings and Reviewmentioning

confidence: 99%

Cyber governance studies in ensuring cybersecurity: an overview of cybersecurity governance

Karataş¹

2022

Int. Cybersecur. Law Rev.

View full text Add to dashboard Cite

With the exponential increase of digital data in cyber environments, security measures have gained more importance. Cybersecurity threats are revealed by national and international units, and the number of these threats is increasing daily. The elimination of cybersecurity risks is possible with an effective cybersecurity strategy. Since the concept of management is not sufficient, the implementation of this strategy is possible with cyber governance, which includes all stakeholders in the management processes. This study emphasizes the importance and necessity of cyber governance in ensuring cybersecurity. The research and results for cybersecurity governance have been examined. A descriptive research model was used to this end. In terms of research philosophy, a basic research model and a documentary research model have been created with regard to the application method. The universe of the research consists of studies obtained from Web of Science, EBSCO, Scopus, Google Scholar, and TR Index. Studies from the last 5 years have been downloaded with the determined keywords. The result showed that although there are studies that produce local solutions for cybersecurity governance in different countries, a general governance framework has not been established as yet. On the contrary, there is a latent struggle to retain the management of this area, not its governance.

show abstract

Impact assessment of cyber attacks: A quantification study on power generation systems

Cited by 10 publications

References 9 publications

Pricing cyber-insurance for systems via maturity models

Pricing cyber-insurance for systems via maturity models

Critical Infrastructure Cybersecurity Challenges: IoT in Perspective

Cyber governance studies in ensuring cybersecurity: an overview of cybersecurity governance

Contact Info

Product

Resources

About