Cargando…
An Adversarial Risk Analysis Framework for Cybersecurity
Risk analysis is an essential methodology for cybersecurity as it allows organizations to deal with cyber threats potentially affecting them, prioritize the defense of their assets, and decide what security controls should be implemented. Many risk analysis methods are present in cybersecurity model...
| Autores principales: | , , , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
John Wiley and Sons Inc.
2019
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7891439/ https://www.ncbi.nlm.nih.gov/pubmed/31183890 http://dx.doi.org/10.1111/risa.13331 |
| _version_ | 1783652700026568704 |
|---|---|
| author | Rios Insua, David Couce‐Vieira, Aitor Rubio, Jose A. Pieters, Wolter Labunets, Katsiaryna G. Rasines, Daniel |
| author_facet | Rios Insua, David Couce‐Vieira, Aitor Rubio, Jose A. Pieters, Wolter Labunets, Katsiaryna G. Rasines, Daniel |
| author_sort | Rios Insua, David |
| collection | PubMed |
| description | Risk analysis is an essential methodology for cybersecurity as it allows organizations to deal with cyber threats potentially affecting them, prioritize the defense of their assets, and decide what security controls should be implemented. Many risk analysis methods are present in cybersecurity models, compliance frameworks, and international standards. However, most of them employ risk matrices, which suffer shortcomings that may lead to suboptimal resource allocations. We propose a comprehensive framework for cybersecurity risk analysis, covering the presence of both intentional and nonintentional threats and the use of insurance as part of the security portfolio. A simplified case study illustrates the proposed framework, serving as template for more complex problems. |
| format | Online Article Text |
| id | pubmed-7891439 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2019 |
| publisher | John Wiley and Sons Inc. |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-78914392021-03-02 An Adversarial Risk Analysis Framework for Cybersecurity Rios Insua, David Couce‐Vieira, Aitor Rubio, Jose A. Pieters, Wolter Labunets, Katsiaryna G. Rasines, Daniel Risk Anal Original Research Articles Risk analysis is an essential methodology for cybersecurity as it allows organizations to deal with cyber threats potentially affecting them, prioritize the defense of their assets, and decide what security controls should be implemented. Many risk analysis methods are present in cybersecurity models, compliance frameworks, and international standards. However, most of them employ risk matrices, which suffer shortcomings that may lead to suboptimal resource allocations. We propose a comprehensive framework for cybersecurity risk analysis, covering the presence of both intentional and nonintentional threats and the use of insurance as part of the security portfolio. A simplified case study illustrates the proposed framework, serving as template for more complex problems. John Wiley and Sons Inc. 2019-06-10 2021-01 /pmc/articles/PMC7891439/ /pubmed/31183890 http://dx.doi.org/10.1111/risa.13331 Text en © 2019 The Authors. Risk Analysis published by Wiley Periodicals LLC on behalf of Society for Risk Analysis This is an open access article under the terms of the http://creativecommons.org/licenses/by-nc/4.0/ License, which permits use, distribution and reproduction in any medium, provided the original work is properly cited and is not used for commercial purposes. |
| spellingShingle | Original Research Articles Rios Insua, David Couce‐Vieira, Aitor Rubio, Jose A. Pieters, Wolter Labunets, Katsiaryna G. Rasines, Daniel An Adversarial Risk Analysis Framework for Cybersecurity |
| title | An Adversarial Risk Analysis Framework for Cybersecurity |
| title_full | An Adversarial Risk Analysis Framework for Cybersecurity |
| title_fullStr | An Adversarial Risk Analysis Framework for Cybersecurity |
| title_full_unstemmed | An Adversarial Risk Analysis Framework for Cybersecurity |
| title_short | An Adversarial Risk Analysis Framework for Cybersecurity |
| title_sort | adversarial risk analysis framework for cybersecurity |
| topic | Original Research Articles |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7891439/ https://www.ncbi.nlm.nih.gov/pubmed/31183890 http://dx.doi.org/10.1111/risa.13331 |
| work_keys_str_mv | AT riosinsuadavid anadversarialriskanalysisframeworkforcybersecurity AT coucevieiraaitor anadversarialriskanalysisframeworkforcybersecurity AT rubiojosea anadversarialriskanalysisframeworkforcybersecurity AT pieterswolter anadversarialriskanalysisframeworkforcybersecurity AT labunetskatsiaryna anadversarialriskanalysisframeworkforcybersecurity AT grasinesdaniel anadversarialriskanalysisframeworkforcybersecurity AT riosinsuadavid adversarialriskanalysisframeworkforcybersecurity AT coucevieiraaitor adversarialriskanalysisframeworkforcybersecurity AT rubiojosea adversarialriskanalysisframeworkforcybersecurity AT pieterswolter adversarialriskanalysisframeworkforcybersecurity AT labunetskatsiaryna adversarialriskanalysisframeworkforcybersecurity AT grasinesdaniel adversarialriskanalysisframeworkforcybersecurity |