EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Measuring and Mitigating the Risk of Advanced Cyberattackers

Amitai Gilad () and Asher Tishler ()
Additional contact information
Amitai Gilad: Coller School of Management, Tel Aviv University, Tel Aviv 6997801, Israel
Asher Tishler: Coller School of Management, Tel Aviv University, Tel Aviv 6997801, Israel

Decision Analysis, 2024, vol. 21, issue 4, 215-234

Abstract: Sophisticated cyberattackers (commonly known as advanced persistent threats (APTs)) pose enormous risks to organizations such as financial institutions, industrial and commercial firms, government institutions, and power grids. This study presents a method and an index to measure the vulnerability of organizations to APT risk and shows why a one-size-fits-all solution to mitigate APT risk does not exist. Our vulnerability index is based on a model that describes the optimal behavior of a cyberattacker (APT) with research and development capabilities aspiring to attack a network that manages the organization and a network operator that deploys blocking and detection measures to protect its organization from the attack. We demonstrate how our vulnerability index, which accounts for the network’s structure and the APTs’ resources and strategy, can be used in realistic risk assessments and optimal resource allocation procedures and serve as a benchmark for organizations’ preparedness against APTs’ cyberattacks. We also propose that regulatory agencies of financial (and other) institutions provide the parameters that define an APT’s profile and request, as part of their periodic assessments of the organizations that they regulate, that our (or similar) vulnerability index will be reported to them by the regulated institutions. Finally, the viability of our index in modeling modern cybersecurity defense procedures shows that not only there is no silver bullet defense against all types of APTs, it is also imperative to account for APTs’ heterogeneity because detection and blocking measures can be complements, substitutes, or even degrade each other. For example, when the attacker’s (defender’s) budget is extremely large (small), the defender should deploy only detection measures, strongly advocating Zero Trust practices.

Keywords: cyberattacks; vulnerability index; cyber weapons; cyber countermeasures; APT risk (search for similar items in EconPapers)
Date: 2024
References: View references in EconPapers View complete reference list from CitEc
Citations:

Downloads: (external link)
http://dx.doi.org/10.1287/deca.2023.0072 (application/pdf)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:inm:ordeca:v:21:y:2024:i:4:p:215-234

Access Statistics for this article

More articles in Decision Analysis from INFORMS Contact information at EDIRC.
Bibliographic data for series maintained by Chris Asher ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:inm:ordeca:v:21:y:2024:i:4:p:215-234