The PIVO process for identifying vulnerabilities impact for organisation risks: An automated solution

Jean-Luc Simoni, Alexis Ulliac, Thomas Massip and Thomas Devaux
Additional contact information
Jean-Luc Simoni: Thales SIX GTS France, France
Alexis Ulliac: Thales SIX GTS France, France
Thomas Massip: Thales SIX GTS France, France
Thomas Devaux: Thales SIX GTS France, France

Cyber Security: A Peer-Reviewed Journal, 2022, vol. 6, issue 1, 62-78

Abstract: Risk management (RM) and vulnerability management (VM) are both essential cyber security domains. They are often managed independently without a proper interface to provide context information to each other and share information. This paper proposes an approach to connect RM and VM processes based on data standardisation through referential and automation to relate vulnerabilities to operational risk scenarios. The focus is mainly on the identification of the referential and their added value to complement a method described in a previous paper.

Keywords: vulnerability management; risk management; CMDB; automation; CVSS; cyber kill chain (search for similar items in EconPapers)
JEL-codes: M15 (search for similar items in EconPapers)
Date: 2022
References: Add references at CitEc
Citations:

Downloads: (external link)
https://hstalks.com/article/7182/download/ (application/pdf)
https://hstalks.com/article/7182/ (text/html)
Requires a paid subscription for full access.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:aza:csj000:y:2022:v:6:i:1:p:62-78

Access Statistics for this article

More articles in Cyber Security: A Peer-Reviewed Journal from Henry Stewart Publications
Bibliographic data for series maintained by Henry Stewart Talks ().