MAGIC: A Method for Assessing Cyber Incidents Occurrence

Battaglioni, Massimo; Rafaiani, Giulia; Chiaraluce, Franco; Baldi, Marco

doi:10.1109/access.2022.3189777

Cited by 6 publications

(2 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The proposed CMC model was developed from the perspective of assessing capabilities, based on the information that we know with certainty and have available, both internally and externally, from the context where the organization operates, which are actions of the different levels of government of a country and the international community. A large number of works reviewed in the literature maintain the perspective of evaluating cyber risk, based on unknown information, using probabilities of possible incidents and their effects; historical data is generally not available and subjective methods end up being used, such as expert judgment [35].…”

Section: Discussionmentioning

confidence: 99%

Prototype to Identify the Capacity in Cybersecurity Management for a Public Organization

Izurieta¹,

Toapanta²,

Morales³

et al. 2023

Adv. sci. technol. eng. syst. j.

View full text Add to dashboard Cite

Public organizations are subjected to a complex security situation, which can be addressed by permanently strengthening and evaluating their cybersecurity capabilities. The objective of this research is to develop a model to identify the cybersecurity management capacity of public organizations. The deductive method was applied for the review and analysis of criteria, factors and variables related to cybersecurity capacity in public organizations. It resulted in a model to identify the Cybersecurity Management Capacity of public organizations, with its process to assess and categorize organizations according to their level of cybersecurity capacity. It was concluded that public organizations from developed countries in cybersecurity such as Spain have better capacities (greater than 60% CMC) than less developed countries such as Ecuador (less than 60% CMC), due to the cybersecurity context where these organizations operate. To obtain a high level of cybersecurity, public organizations must have the support of the governments of the different political divisions of a country, as well as permanent international collaboration in the field of cybersecurity.

show abstract

Section: Discussionmentioning

confidence: 99%

Prototype to Identify the Capacity in Cybersecurity Management for a Public Organization

Izurieta¹,

Toapanta²,

Morales³

et al. 2023

Adv. sci. technol. eng. syst. j.

View full text Add to dashboard Cite

show abstract

“…Other probabilistic methods have been introduced, like MAGIC [4], which is a method that evaluates the probability of occurrence of cybersecurity risk. MAGIC is a probabilistic model that computes the likelihood of occurrence based on the organization's posture, like awareness of the employees, maturity and complexity, etc.…”

Section: Future Workmentioning

confidence: 99%