 An Adversarial Risk Analysis Framework for CybersecurityDavid Rios Insua,
Aitor Couce‐Vieira,
Jose A. Rubio,
Wolter Pieters,
Katsiaryna Labunets and
Daniel G. Rasines
Risk Analysis, 2021, vol. 41, issue 1, 16-36 Abstract: Risk analysis is an essential methodology for cybersecurity as it allows organizations to deal with cyber threats potentially affecting them, prioritize the defense of their assets, and decide what security controls should be implemented. Many risk analysis methods are present in cybersecurity models, compliance frameworks, and international standards. However, most of them employ risk matrices, which suffer shortcomings that may lead to suboptimal resource allocations. We propose a comprehensive framework for cybersecurity risk analysis, covering the presence of both intentional and nonintentional threats and the use of insurance as part of the security portfolio. A simplified case study illustrates the proposed framework, serving as template for more complex problems. Date: 2021 Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:wly:riskan:v:41:y:2021:i:1:p:16-36 Access Statistics for this article More articles in Risk Analysis from John Wiley & Sons |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.