A Method for Developing Algorithms for Assessing Cyber-Risk Cost
MetadataShow full item record
Original version17th IEEE International Conference on Software Quality, Reliability and Security (QRS 2017), Prague, 25-29 July, 2017, 192-199
We present a method for developing executable algorithms for quantitative cyber-risk assessment. Exploiting techniques from security risk modeling and actuarial approaches, the method pragmatically combines use of available empirical data and expert judgments. The input to the algorithms are indicators providing information about the target of analysis, such as suspicious events observed in the network. Automated execution of the algorithms facilitates continuous assessment.