A Method for Developing Algorithms for Assessing Cyber-Risk Cost
Chapter
Submitted version
Permanent lenke
http://hdl.handle.net/11250/2467497Utgivelsesdato
2017Metadata
Vis full innførselSamlinger
- Publikasjoner fra CRIStin - SINTEF AS [4655]
- SINTEF Digital [1823]
Originalversjon
17th IEEE International Conference on Software Quality, Reliability and Security (QRS 2017), Prague, 25-29 July, 2017, 192-199Sammendrag
We present a method for developing executable algorithms for quantitative cyber-risk assessment. Exploiting techniques from security risk modeling and actuarial approaches, the method pragmatically combines use of available empirical data and expert judgments. The input to the algorithms are indicators providing information about the target of analysis, such as suspicious events observed in the network. Automated execution of the algorithms facilitates continuous assessment.