IT security planning under uncertainty for high-impact events

Rakes, Terry R.; Deane, Jason K.; Rees, Loren Paul

doi:10.1016/j.omega.2011.03.008

Cited by 60 publications

(20 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…which makes them very to apply in practice. [20] lower input data requirements by using discrete scales for probability and impact values. It is, however, still problematic since finding a trade-off between costs and risk requires both to be measured accurately.…”

Section: Decision Support For Proposing Optimal Safeguardsmentioning

confidence: 99%

CUREX: seCUre and pRivate hEalth data eXchange

Mohammadi

Panou

Ntantogian

et al. 2019

IEEE/WIC/ACM International Conference on Web Intelligence - Companion Volume

View full text Add to dashboard Cite

e Health sector's increasing dependence on digital information and communication infrastructures renders it vulnerable to privacy and cybersecurity threats, especially as the the of health data has become lucrative for cyber criminals. CUREX comprehensively addresses the protection of the confidentiality and integrity of health data by producing a novel, flexible and scalable situational awareness-oriented platform. It allows a healthcare provider to assess cybersecurity and privacy risks that are exposed to and suggest optimal strategies for addressing these risks with safeguards tailored to each business case and application. CUREX is fully GDPR compliant by design. At its core, a decentralised architecture enhanced by a private blockchain infrastructure ensures the integrity of the data andmost importantly-the patient safety. Crucially, CUREX expands beyond technical measures and improves cyber hygiene through training and awareness activities for healthcare personnel. Its validation focuses on highly challenging cases of health data exchange, spanning patient cross-border mobility, remote healthcare, and data exchange for research. CCS CONCEPTS• Social and professional topics~Health information exchanges

show abstract

Section: Decision Support For Proposing Optimal Safeguardsmentioning

confidence: 99%

CUREX: seCUre and pRivate hEalth data eXchange

Mohammadi

Panou

Ntantogian

et al. 2019

IEEE/WIC/ACM International Conference on Web Intelligence - Companion Volume

View full text Add to dashboard Cite

show abstract

“…By comparing the budget and the expected damage after conducting cybersecurity risk assessment, and optimal amount of investment could be obtained. The reference [28] provided a model to the key requirement in security planning for any threat scenario and apply specific countermeasures. The reference [10] proposed Risk Assessment and Optimization Model (RAOM) to solve the security countermeasure selection problem, where variables such as financial cost and risk may affect the final decision of risk level.…”

Section: Decision Support Modelsmentioning

confidence: 99%

A Classification Scheme for Cybersecurity Models

Atoum¹,

Otoom²

2017

IJSIA

View full text Add to dashboard Cite

show abstract

“…Viduto et al (2012) also proposed a bi-objective model that considers the trade-off between financial costs and risk. Rakes et al (2012) argue that, in addition to expected losses, sparse events that might result in high-impact losses should be considered, too. They proposed a model that minimizes the total loss caused by security incidents.…”

Section: Related Workmentioning

confidence: 99%

“…Thereby, threat criticality is reduced at a decreasing rate if more safeguards are selected. This interdependence of safeguards models the fact that security investments have a diminishing marginal utility (Schilling & Werners, 2014, Rakes et al, 2012, Sawik, 2013. Considering all safeguards at once we get the following equation to calculate the remaining criticality index of threat i after selecting safeguards according to s k :…”

Section: Accepted Manuscriptmentioning

confidence: 99%