Statistical models for the number of successful cyber intrusions

Leslie, Nandi; Harang, Richard; Knachel, Lawrence; Kott, Alexander

doi:10.1177/1548512917715342

Cited by 17 publications

(7 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For example, estimating probability distributions that model the frequency of cyber-attacks is a difficult and ongoing area of research. 56,57 One approach is to utilize the triangular distribution 58 which has the convenient property that it is simple to elicit -generally an expert is asked to provide a maximum, minimum, and most-likely value for some variable of interest. 59 Empirical data are typically not available for certain parameters such as ARO and MR, and therefore experts must be consulted to estimate them.…”

Section: Limitationsmentioning

confidence: 99%

On metrics and prioritization of investments in hardware security

Collier

Briglia

Finkelston

et al. 2023

Systems Engineering

View full text Add to dashboard Cite

The security risks posed by electronics are numerous. There are typically a variety of risk‐reducing countermeasures for a given system or across an enterprise. Each countermeasure is associated with both a level of risk reduction and its lifecycle costs. Given budgetary constraints, risk managers and systems engineers must determine what combinations of countermeasures cost‐effectively maximize risk reduction, and what metrics best guide the investment process. In this paper, we seek to answer these questions through exploration of risk reduction metrics from the field of security economics, including the benefit/cost ratio, return on security investment (ROSI), expected benefit of information security (EBIS), and expected net benefit of information security (ENBIS). The results suggest that ratio‐based metrics are not strongly correlated with risk reduction, while EBIS is equivalent to risk reduction and ENBIS is equal to risk reduction minus cost.

show abstract

Section: Limitationsmentioning

confidence: 99%

On metrics and prioritization of investments in hardware security

Collier

Briglia

Finkelston

et al. 2023

Systems Engineering

View full text Add to dashboard Cite

show abstract

“…Instead, we will use a counting process that has a Negative Binomial distribution at time t. The Negative Binomial distribution is often used for fitting to count data, and is well known in operational risk. The application of the negative binomial distribution to real world data is done in a cybersecurity context in Leslie et al (2018).…”

Section: A Univariate Model For Lossesmentioning

confidence: 99%

A Multivariate Model to Quantify and Mitigate Cybersecurity Risk

Bentley

Stephenson

Toscas

et al. 2020

Risks

View full text Add to dashboard Cite

The cost of cybersecurity incidents is large and growing. However, conventional methods for measuring loss and choosing mitigation strategies use simplifying assumptions and are often not supported by cyber attack data. In this paper, we present a multivariate model for different, dependent types of attack and the effect of mitigation strategies on those attacks. Utilising collected cyber attack data and assumptions on mitigation approaches, we look at an example of using the model to optimise the choice of mitigations. We find that the optimal choice of mitigations will depend on the goal—to prevent extreme damages or damage on average. Numerical experiments suggest the dependence aspect is important and can alter final risk estimates by as much as 30%. The methodology can be used to quantify the cost of cyber attacks and support decision making on the choice of optimal mitigation strategies.

show abstract

“…The key components of cyber risk are relatively well understood. The likelihood of a successful cyber attack can be empirically measured and estimated apriori with a degree of accuracy from known characteristics of a system or network (Leslie et al 2017), (Gil et al 2014). The cyber impact on a system is a topic in which assessment methods are being developed (Kott et al 2017).…”

Section: Resilience and Systemsmentioning

confidence: 99%

Fundamental Concepts of Cyber Resilience: Introduction and Overview

Linkov

Kott

2018

Cyber Resilience of Systems and Networks

Self Cite

103

View full text Add to dashboard Cite

Society is increasingly reliant upon complex and interconnected cyber systems to conduct daily life activities. From personal finance to managing defense capabilities to controlling a vast web of aircraft traffic, digitized information systems and software packages have become integrated at virtually all levels of individual and collective activity. While such integration has been met with immense increases in efficiency of service delivery, it has also been subject to a diverse body of threats from nefarious hackers, groups, and even state government bodies. Such cyber threats have shifted over time to affect various cyber functionalities, such as with Direct Denial of Service (DDoS), data theft, changes to data code, infection via computer virus, and many others.

show abstract

Statistical models for the number of successful cyber intrusions

Cited by 17 publications

References 35 publications

On metrics and prioritization of investments in hardware security

On metrics and prioritization of investments in hardware security

A Multivariate Model to Quantify and Mitigate Cybersecurity Risk

Fundamental Concepts of Cyber Resilience: Introduction and Overview

Contact Info

Product

Resources

About