QuantTM: Business-Centric Threat Quantification for Risk Management and Cyber Resilience
- URL: http://arxiv.org/abs/2402.14140v1
- Date: Wed, 21 Feb 2024 21:34:06 GMT
- Title: QuantTM: Business-Centric Threat Quantification for Risk Management and Cyber Resilience
- Authors: Jan von der Assen, Muriel F. Franco, Muyao Dong, Burkhard Stiller,
- Abstract summary: QuantTM is an approach that incorporates views from operational and strategic business representatives to collect threat information.
It empowers the analysis of threats' impacts and the applicability of security controls.
- Score: 0.259990372084357
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Threat modeling has emerged as a key process for understanding relevant threats within businesses. However, understanding the importance of threat events is rarely driven by the business incorporating the system. Furthermore, prioritization of threat events often occurs based on abstract and qualitative scoring. While such scores enable prioritization, they do not allow the results to be easily interpreted by decision-makers. This can hinder downstream activities, such as discussing security investments and a security control's economic applicability. This article introduces QuantTM, an approach that incorporates views from operational and strategic business representatives to collect threat information during the threat modeling process to measure potential financial loss incurred by a specific threat event. It empowers the analysis of threats' impacts and the applicability of security controls, thus supporting the threat analysis and prioritization from an economic perspective. QuantTM comprises an overarching process for data collection and aggregation and a method for business impact analysis. The performance and feasibility of the QuantTM approach are demonstrated in a real-world case study conducted in a Swiss SME to analyze the impacts of threats and economic benefits of security controls. Secondly, it is shown that employing business impact analysis is feasible and that the supporting prototype exhibits great usability.
Related papers
- Safety vs. Performance: How Multi-Objective Learning Reduces Barriers to Market Entry [86.79268605140251]
We study whether there are insurmountable barriers to entry in emerging markets for large language models.
We show that the required number of data points can be significantly smaller than the incumbent company's dataset size.
Our results demonstrate how multi-objective considerations can fundamentally reduce barriers to entry.
arXiv Detail & Related papers (2024-09-05T17:45:01Z) - Enhancing Cyber Security through Predictive Analytics: Real-Time Threat Detection and Response [0.0]
The study uses a dataset from Kaggle with 2000 instances of network traffic and security events.
The findings show that predictive analytics enhance the vigilance of threats and response time.
This paper advocates for predictive analytics as an essential component for developing preventative cyber security strategies.
arXiv Detail & Related papers (2024-07-15T16:11:34Z) - Threat-Informed Cyber Resilience Index: A Probabilistic Quantitative Approach to Measure Defence Effectiveness Against Cyber Attacks [0.36832029288386137]
This paper introduces the Cyber Resilience Index (CRI), a threat-informed probabilistic approach to quantifying an organisation's defence effectiveness against cyber-attacks (campaigns)
Building upon the Threat-Intelligence Based Security Assessment (TIBSA) methodology, we present a mathematical model that translates complex threat intelligence into an actionable, unified metric similar to a stock market index, that executives can understand and interact with while teams can act upon.
arXiv Detail & Related papers (2024-06-27T17:51:48Z) - Safety in Graph Machine Learning: Threats and Safeguards [84.26643884225834]
Despite their societal benefits, recent research highlights significant safety concerns associated with the widespread use of Graph ML models.
Lacking safety-focused designs, these models can produce unreliable predictions, demonstrate poor generalizability, and compromise data confidentiality.
In high-stakes scenarios such as financial fraud detection, these vulnerabilities could jeopardize both individuals and society at large.
arXiv Detail & Related papers (2024-05-17T18:11:11Z) - QBER: Quantifying Cyber Risks for Strategic Decisions [0.0]
We introduce QBER approach to offer decision-makers measurable risk metrics.
The QBER evaluates losses from cyberattacks, performs detailed risk analyses based on existing cybersecurity measures, and provides thorough cost assessments.
Our contributions involve outlining cyberattack probabilities and risks, identifying Technical, Economic, and Legal (TEL) impacts, creating a model to gauge impacts, suggesting risk mitigation strategies, and examining trends and challenges in implementing widespread Cyber Risk Quantification (CRQ)
arXiv Detail & Related papers (2024-05-06T14:25:58Z) - Mapping LLM Security Landscapes: A Comprehensive Stakeholder Risk Assessment Proposal [0.0]
We propose a risk assessment process using tools like the risk rating methodology which is used for traditional systems.
We conduct scenario analysis to identify potential threat agents and map the dependent system components against vulnerability factors.
We also map threats against three key stakeholder groups.
arXiv Detail & Related papers (2024-03-20T05:17:22Z) - It Is Time To Steer: A Scalable Framework for Analysis-driven Attack Graph Generation [50.06412862964449]
Attack Graph (AG) represents the best-suited solution to support cyber risk assessment for multi-step attacks on computer networks.
Current solutions propose to address the generation problem from the algorithmic perspective and postulate the analysis only after the generation is complete.
This paper rethinks the classic AG analysis through a novel workflow in which the analyst can query the system anytime.
arXiv Detail & Related papers (2023-12-27T10:44:58Z) - Safety Margins for Reinforcement Learning [53.10194953873209]
We show how to leverage proxy criticality metrics to generate safety margins.
We evaluate our approach on learned policies from APE-X and A3C within an Atari environment.
arXiv Detail & Related papers (2023-07-25T16:49:54Z) - On the Security Risks of Knowledge Graph Reasoning [71.64027889145261]
We systematize the security threats to KGR according to the adversary's objectives, knowledge, and attack vectors.
We present ROAR, a new class of attacks that instantiate a variety of such threats.
We explore potential countermeasures against ROAR, including filtering of potentially poisoning knowledge and training with adversarially augmented queries.
arXiv Detail & Related papers (2023-05-03T18:47:42Z) - Assessing Risks and Modeling Threats in the Internet of Things [0.0]
We develop an IoT attack taxonomy that describes the adversarial assets, adversarial actions, exploitable vulnerabilities, and compromised properties that are components of any IoT attack.
We use this IoT attack taxonomy as the foundation for designing a joint risk assessment and maturity assessment framework.
The usefulness of this IoT framework is highlighted by case study implementations in the context of multiple industrial manufacturing companies.
arXiv Detail & Related papers (2021-10-14T23:36:00Z) - Balancing detectability and performance of attacks on the control
channel of Markov Decision Processes [77.66954176188426]
We investigate the problem of designing optimal stealthy poisoning attacks on the control channel of Markov decision processes (MDPs)
This research is motivated by the recent interest of the research community for adversarial and poisoning attacks applied to MDPs, and reinforcement learning (RL) methods.
arXiv Detail & Related papers (2021-09-15T09:13:10Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.