Skip to main content
Article thumbnail
Location of Repository

Corresponding Author:

By  and R. David ParkerCsilla Farkas and R. David Parker

Abstract

requests $769 million dollars for information security initiatives under the Department of Homeland Security. Projected annual spending for information security exceeds $10 billion by 2015. A new method using validated processes to quantitatively identify risk of a successful cyber attack would allow targeted interventions and a more efficient use of funds. Estimating the risk of a successful cyber attack is an important objective in this field. Validated methods imported from other fields to information technology such as epidemiologic statistical modeling could be of substantial benefit. This modeling not only determines the direction of influence, whether increasing or mitigating, but allows a standard unit across multiple areas allowing experts to determine the areas at greater increased risk. Extant data imported into a Cyber Security Surveillance System (CS 3), statistical modeling would calculate the cumulative effects of multiple factors on specific risk factors. The model outputs statistics allowing easy interpretation of the potential risk introduced by factor. Measuring the estimated risk in multiple domains within a predetermined unit (whether organizational or geographic) would enable decision makers to intervene prior to an attack and implement preventative measures to improve system stability

Topics: risk estimation, risk prediction, information
Year: 2013
OAI identifier: oai:CiteSeerX.psu:10.1.1.352.8673
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • http://citeseerx.ist.psu.edu/v... (external link)
  • http://www.cse.sc.edu/~farkas/... (external link)
  • Suggested articles


    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.