A Method for Developing Qualitative Security Risk Assessment Algorithms

Sammendrag

We present a method for developing qualitative security risk assessment algorithms where the input captures the dynamic state of the target of analysis. This facilitates continuous monitoring. The intended users of the method are security and risk practitioners interested in developing assessment algorithms for their own or their client’s organization. Managers and decision makers will typically be end users of the assessments provided by the algorithms. To promote stakeholder involvement, the method is designed to ensure that the algorithm and the underlying risk model are simple to understand. We have employed the method to create assessment algorithms for 10 common cyber attacks, and use one of these to demonstrate the approach.

Les publikasjonen

Kategori

Vitenskapelig artikkel

Oppdragsgiver

EC/H2020 / 653321

Språk

Engelsk

Forfatter(e)

Gencer Erdogan
Atle Refsdal

Institusjon(er)

SINTEF Digital / Sustainable Communication Technologies

År

2018

Publisert i

Lecture Notes in Computer Science (LNCS)

ISSN

0302-9743

Forlag

Springer

Årgang

LNCS 10694

Side(r)

244 - 259

DOI

https://doi.org/10.1007/978-3-319-76687-4_17

Les fulltekst

https://hdl.handle.net/11250/2500576

Vis denne publikasjonen hos Cristin

Kontakt oss

Tjenester

Rapporter og publikasjoner

Forskningssenter og samarbeid

Karriere

Bærekraft

Institutter

Andre enheter

Ledelse og organisering

Om oss

Følg oss