Next Article in Journal
Design of the Digital Pathology Workspace for Artificial Intelligence Integration
Previous Article in Journal
Synthesis of Optimal Static Gain Feedback Using a Fractional-Order Performance Index
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Applied Sciences
Volume 16
Issue 12
10.3390/app16126018
applsci-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
This is an early access version, the complete PDF, HTML, and XML versions will be available soon.
Article

Measuring Risk Likelihood in Cybersecurity

by
Pablo Corona-Fraga
1,*,
Vanessa Díaz-Rodriguez
2,
Jesús Manuel Niebla-Zatarain
3 and
Gabriel Sánchez-Pérez
4
1
INFOTEC Center for Research and Innovation in Information and Communication Technologies, Mexico City 14050, Mexico
2
National Supreme Court of Justice, Mexico City 06065, Mexico
3
Faculty of Law of Mazatlan, Autonomous University of Sinaloa, Mazatlán 82120, Mexico
4
ESIME Culhuacan, Instituto Politecnico Nacional, Mexico City 04440, Mexico
*
Author to whom correspondence should be addressed.
Appl. Sci. 2026, 16(12), 6018; https://doi.org/10.3390/app16126018 (registering DOI)
Submission received: 25 April 2026 / Revised: 19 May 2026 / Accepted: 1 June 2026 / Published: 14 June 2026
Versions Notes

Abstract

Cybersecurity risk is commonly expressed through impact and likelihood, yet likelihood remains difficult to estimate because cyber incidents are underreported, heterogeneous datasets are weakly comparable, and attacker behavior changes faster than conventional probability baselines. This article proposes a method for operationalizing likelihood through a cyber exposure profile that integrates external cyber knowledge and organization-specific telemetry into a graph-based representation. The contribution is a formally specified artifact chain—from unified data model through organization-specific profiling, metric registry, likelihood scoring, and control prioritization—that operationalizes four constructs grounded in incident evidence: exposure, traceability, motivation, and systems update. The pipeline provides a pathway from heterogeneous source evidence to a bounded likelihood indicator comparable across organizations and observation periods. An evaluation in 15 real organizations shows that those implementing the cyber exposure profile were associated with reduced incident frequency and faster detection and response times, providing preliminary empirical support for the framework’s directional claims.
Keywords: cybersecurity; likelihood; risk assessment; metrics; cyber exposure profile; knowledge graph cybersecurity; likelihood; risk assessment; metrics; cyber exposure profile; knowledge graph

Share and Cite

MDPI and ACS Style

Corona-Fraga, P.; Díaz-Rodriguez, V.; Niebla-Zatarain, J.M.; Sánchez-Pérez, G. Measuring Risk Likelihood in Cybersecurity. Appl. Sci. 2026, 16, 6018. https://doi.org/10.3390/app16126018

AMA Style

Corona-Fraga P, Díaz-Rodriguez V, Niebla-Zatarain JM, Sánchez-Pérez G. Measuring Risk Likelihood in Cybersecurity. Applied Sciences. 2026; 16(12):6018. https://doi.org/10.3390/app16126018

Chicago/Turabian Style

Corona-Fraga, Pablo, Vanessa Díaz-Rodriguez, Jesús Manuel Niebla-Zatarain, and Gabriel Sánchez-Pérez. 2026. "Measuring Risk Likelihood in Cybersecurity" Applied Sciences 16, no. 12: 6018. https://doi.org/10.3390/app16126018

APA Style

Corona-Fraga, P., Díaz-Rodriguez, V., Niebla-Zatarain, J. M., & Sánchez-Pérez, G. (2026). Measuring Risk Likelihood in Cybersecurity. Applied Sciences, 16(12), 6018. https://doi.org/10.3390/app16126018

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Article metric data becomes available approximately 24 hours after publication online.
Back to TopTop