Dynamic framework for assessing cyber security risks in a changing environment

Sergey Naumov, Ilya Kabanov

Research output: Chapter in Book/Report/Conference proceedingConference contribution

21 Scopus citations

Abstract

Cyber risk assessment frameworks aim at addressing a challenging problem that public and commercial organizations and nations embrace today - a proper estimation of likelihood of cyber-related risks and assessment of their potential impact on an enterprise. However, current frameworks fail at adapting to changes which happen in dynamically shifting environments and keep organizations blind to new possible threats. These threats may occur because of different changes happening internally or externally of the organization. For example, the global presence or digital footprint of the organization can significantly increase the exposure of an organization to cyber threats. Therefore, practitioners need new instruments which can be used to advise enterprises when and how their risk assessment methods and processes should be adjusted in order to stay relevant in a rapidly changing environment. In this work, the authors propose and validate a new method of applying a system dynamics approach for designing a dynamic risk assessment framework and introduce areas of future work.

Original languageEnglish (US)
Title of host publication2016 International Conference on Information Science and Communications Technologies, ICISCT 2016
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781509035465
DOIs
StatePublished - Dec 7 2016
Event2016 International Conference on Information Science and Communications Technologies, ICISCT 2016 - Tashkent, Uzbekistan
Duration: Nov 2 2016Nov 4 2016

Publication series

Name2016 International Conference on Information Science and Communications Technologies, ICISCT 2016

Conference

Conference2016 International Conference on Information Science and Communications Technologies, ICISCT 2016
Country/TerritoryUzbekistan
CityTashkent
Period11/2/1611/4/16

All Science Journal Classification (ASJC) codes

  • Computer Science Applications
  • Computer Networks and Communications
  • Information Systems

Fingerprint

Dive into the research topics of 'Dynamic framework for assessing cyber security risks in a changing environment'. Together they form a unique fingerprint.

Cite this