Next Article in Journal
Hedging with Liquidity Risk under CEV Diffusion
Next Article in Special Issue
Criminal Investigation and Criminal Intelligence: Example of Adaptation in the Prevention and Repression of Cybercrime
Previous Article in Journal
A Bank Salvage Model by Impulse Stochastic Controls
Previous Article in Special Issue
Towards an Economic Cyber Loss Index for Parametric Cover Based on IT Security Indicator: A Preliminary Analysis
Open AccessArticle

A Multivariate Model to Quantify and Mitigate Cybersecurity Risk

Data 61, Commonwealth Scientific and Industrial Research Organisation (CSIRO), Melbourne 3008, Australia
*
Author to whom correspondence should be addressed.
Risks 2020, 8(2), 61; https://doi.org/10.3390/risks8020061
Received: 2 February 2020 / Revised: 25 May 2020 / Accepted: 30 May 2020 / Published: 4 June 2020
(This article belongs to the Special Issue Cyber Risk and Security)
The cost of cybersecurity incidents is large and growing. However, conventional methods for measuring loss and choosing mitigation strategies use simplifying assumptions and are often not supported by cyber attack data. In this paper, we present a multivariate model for different, dependent types of attack and the effect of mitigation strategies on those attacks. Utilising collected cyber attack data and assumptions on mitigation approaches, we look at an example of using the model to optimise the choice of mitigations. We find that the optimal choice of mitigations will depend on the goal—to prevent extreme damages or damage on average. Numerical experiments suggest the dependence aspect is important and can alter final risk estimates by as much as 30%. The methodology can be used to quantify the cost of cyber attacks and support decision making on the choice of optimal mitigation strategies. View Full-Text
Keywords: cyber risk; optimal mitigations; value at risk (VaR); operational risk cyber risk; optimal mitigations; value at risk (VaR); operational risk
Show Figures

Figure 1

MDPI and ACS Style

Bentley, M.; Stephenson, A.; Toscas, P.; Zhu, Z. A Multivariate Model to Quantify and Mitigate Cybersecurity Risk. Risks 2020, 8, 61. https://doi.org/10.3390/risks8020061

AMA Style

Bentley M, Stephenson A, Toscas P, Zhu Z. A Multivariate Model to Quantify and Mitigate Cybersecurity Risk. Risks. 2020; 8(2):61. https://doi.org/10.3390/risks8020061

Chicago/Turabian Style

Bentley, Mark; Stephenson, Alec; Toscas, Peter; Zhu, Zili. 2020. "A Multivariate Model to Quantify and Mitigate Cybersecurity Risk" Risks 8, no. 2: 61. https://doi.org/10.3390/risks8020061

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Search more from Scilit
 
Search
Back to TopTop