A threat‐intelligence driven methodology to incorporate uncertainty in cyber risk analysis and enhance decision‐making

Author:

Dekker Martijn (1), Alevizos Lampis (2)

Affiliation:

1. Amsterdam Business School, Faculty of Economics and Business, University of Amsterdam (UvA), Amsterdam, The Netherlands

2. School of Computer Science – Laboratory of Security and Forensic Research (SAFeR), University of Central Lancashire (UCLan), Preston, UK

Abstract

The challenge of decision‐making under uncertainty in information security has become increasingly important, given the unpredictable probabilities and effects of events in the ever‐changing cyber threat landscape. Cyber threat intelligence provides decision‐makers with the necessary information and context to understand and anticipate potential threats, reducing uncertainty, and improving the accuracy of risk analysis. The latter is a principal element of evidence‐based decision‐making, and it is essential to recognize that addressing uncertainty requires a new, threat‐intelligence (TI) driven methodology, and risk analysis approach. We propose a solution to this challenge by introducing a TI‐based security assessment methodology and a decision‐making strategy that considers both known unknowns and unknown unknowns. The proposed methodology aims to enhance the quality of decision‐making by utilizing causal graphs, which offer an alternative to conventional methodologies that rely on attack trees, resulting in a reduction of uncertainty. Furthermore, we consider tactics, techniques, and procedures that are possible, probable, and plausible, improving the predictability of adversary behavior. Our proposed solution provides practical guidance for information security leaders to make informed decisions in uncertain situations. This paper offers a new perspective on addressing the challenge of decision‐making under uncertainty in information security by introducing a methodology that can help decision‐makers navigate the intricacies of the dynamic and continuously evolving landscape of cyber threats.

Publisher

Wiley

Subject

Modeling and Simulation

Cited by 7 articles.
