When undertaking cybersecurity risk assessments, it is important to be able to assign numeric values to metrics to compute the final expected loss that represents the risk that an organization is exposed to due to cyber threats. Even if risk assessment is motivated by real-world observations and data, there is always a high chance of assigning inaccurate values due to different uncertainties involved (e.g., evolving threat landscape, human errors) and the natural difficulty of quantifying risk. Existing models empower organizations to compute optimal cybersecurity strategies given their financial constraints, i.e., available cybersecurity budget. Further, a general game-theoretic model with uncertain payoffs (probability-distribution-valued...
We study the decision-making problem in cybersecurity risk planning concerning resource allocation s...
Risk analysis is an essential methodology for cybersecurity as it allows organizations to deal with ...
In the information age, the scale and scope of cyber attacks on information systems is on the rise. ...
When undertaking cybersecurity risk assessments, it is important to be able to assign numeric values...
Abstract. In this paper we investigate how to optimally invest in cyber-security controls. We are pa...
Cyber security is among the most complex and rapidly evolving issues and has been the focus of prese...
The predictability and understandability of the world around us is limited, and many events are unce...
When investing in cyber security resources, information security managers have to follow effective d...
AbstractWhen investing in cyber security resources, information security managers have to follow eff...
Stackelberg Security Games (SSG) have been widely applied for solving real-world security problems—w...
To analyze strategic interactions arising in the cyber-security context, we develop a new reputation...
The aim of this paper is to deepen the application of value at risk in the cyber domain, with partic...
Cybersecurity has become a key factor that determines the success or failure of companies that rely ...
2018-10-24Protecting an organization’s cyber assets from intrusions and breaches due to attacks by m...
While there are significant advances in information technology and infrastructure which offer new op...
We study the decision-making problem in cybersecurity risk planning concerning resource allocation s...
Risk analysis is an essential methodology for cybersecurity as it allows organizations to deal with ...
In the information age, the scale and scope of cyber attacks on information systems is on the rise. ...
When undertaking cybersecurity risk assessments, it is important to be able to assign numeric values...
Abstract. In this paper we investigate how to optimally invest in cyber-security controls. We are pa...
Cyber security is among the most complex and rapidly evolving issues and has been the focus of prese...
The predictability and understandability of the world around us is limited, and many events are unce...
When investing in cyber security resources, information security managers have to follow effective d...
AbstractWhen investing in cyber security resources, information security managers have to follow eff...
Stackelberg Security Games (SSG) have been widely applied for solving real-world security problems—w...
To analyze strategic interactions arising in the cyber-security context, we develop a new reputation...
The aim of this paper is to deepen the application of value at risk in the cyber domain, with partic...
Cybersecurity has become a key factor that determines the success or failure of companies that rely ...
2018-10-24Protecting an organization’s cyber assets from intrusions and breaches due to attacks by m...
While there are significant advances in information technology and infrastructure which offer new op...
We study the decision-making problem in cybersecurity risk planning concerning resource allocation s...
Risk analysis is an essential methodology for cybersecurity as it allows organizations to deal with ...
In the information age, the scale and scope of cyber attacks on information systems is on the rise. ...