To install click the Add extension button. That's it.

The source code for the WIKI 2 extension is being checked by specialists of the Mozilla Foundation, Google, and Apple. You could also do it yourself at any point in time.

How to transfigure the Wikipedia

Would you like Wikipedia to always look as professional and up-to-date? We have created a browser extension. It will enhance any encyclopedic page you visit with the magic of the WIKI 2 technology.

Try it — you can delete it anytime.

Install in 5 seconds
4,5
Kelly Slayton
Congratulations on this excellent venture… what a great idea!
Alexander Grigorievskiy
I use WIKI 2 every day and almost forgot how the original Wikipedia looks like.
Live Statistics
English Articles
Improved in 24 Hours
Added in 24 Hours
What we do. Every page goes through several hundred of perfecting techniques; in live mode. Quite the same Wikipedia. Just better.
Great Wikipedia has got greater.
.
Leo
Newton
Brights
Milds

Cyber risk quantification

From Wikipedia, the free encyclopedia

Cyber risk quantification involves the application of risk quantification techniques to an organization's cybersecurity risk. Cyber risk quantification is the process of evaluating the cyber risks that have been identified and then validating, measuring and analyzing the available cyber data using mathematical modeling techniques to accurately represent the organization's cybersecurity environment in a manner that can be used to make informed cybersecurity infrastructure investment and risk transfer decisions. Cyber risk quantification is a supporting activity to cybersecurity risk management; cybersecurity risk management is a component of enterprise risk management and is especially important in organizations and enterprises that are highly dependent upon their information technology (IT) networks and systems for their business operations.

One method of quantifying cyber risk is the value-at-risk (VaR) method that is discussed at the January 2015 World Economic Forum meeting.[1] At this meeting, VaR was studied and researched and deemed to be a viable method of quantifying cyber risk.

YouTube Encyclopedic

  • 1/3
    Views:
    1 052
    962
    2 338
  • Quantifying Cyber Risk
  • FAIR Cyber Risk Quantification - How Does FAIR Fit Into Your Cyber Strategy?
  • CertMike Explains Quantitative Risk Assessment

Transcription

Practical Implementations

Cyber risk quantification has been used in a variety of practical applications, including:

  1. Cyber insurance [2]
  2. Cyber Security Return on Investment [3][4]
  3. Software Mitigation Costs [5]
  4. Cybersecurity risk assessments [6]

Mathematical definition

The mathematical definition of Cyber-Risk is as follows:

  • Cyber-Risk = 1 - Cyber-Confidence

'Cyber-Confidence' is / are the actual executed tests which have passed. This value can be converted to a statistical probability & the associated Cyber-Risk calculated:

  • Example-1: 'A certain number' of tests have been executed & passed. Let's imagine that it yields a Defect-Free Confidence of 97.43%. Answer: Cyber-Risk = 2.57%.
  • Example-2: All 65,536 TCP ports & 65,536 UDP ports are confirmed to be dead or inactive on an asset; how resistant to penetration is it ? Answer: Cyber-Confidence = 99.83%, Cyber-Risk = 0.17%

Typically, this form of Cyber-Confidence &/or Cyber-Risk estimation is termed Testimation because:

  • It can be applied to estimate the number of tests required for any desired level of Cyber-Confidence
  • It can be applied to estimate the Cyber-Confidence (& Cyber-Risk) based upon the number of tests which have actually been executed & passed

See also

References

  1. ^ "New Framework to Help Companies Calculate Risk of Cyberattacks". Archived from the original on September 28, 2016.
  2. ^ Orlando, Albina (2021). "Cyber Risk Quantification: Investigating the Role of Cyber Value at Risk". Risks. 9 (10): 184. doi:10.3390/risks9100184. hdl:10419/258268.
  3. ^ Alsaleh, Mohammed Noraden; Husari, Ghaith; Al-Shaer, Ehab (2016). "Optimizing the RoI of cyber risk mitigation". 2016 12th International Conference on Network and Service Management (CNSM). pp. 223–227. doi:10.1109/CNSM.2016.7818421. S2CID 16037703.
  4. ^ Alsaleh, Mohammed Noraden; Al-Shaer, Ehab; Husari, Ghaith (2017). "ROI-Driven Cyber Risk Mitigation Using Host Compliance and Network Configuration". Journal of Network and Systems Management. 25 (4): 759–783. doi:10.1007/s10922-017-9428-x. S2CID 20994581.
  5. ^ De Corniere, Alexandre; Taylor, Greg (August 2021). "A Model of Information Security and Competition". SSRN 3928754. Archived from the original on October 26, 2021.
  6. ^ "Guide to NIST Risk Assessments". www.securityscientist.net. Security Scientist. March 7, 2023. Retrieved March 10, 2023.

External links

This page was last edited on 3 January 2024, at 01:42
Basis of this page is in Wikipedia. Text is available under the CC BY-SA 3.0 Unported License. Non-text media are available under their specified licenses. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc. WIKI 2 is an independent company and has no affiliation with Wikimedia Foundation.
Contact WIKI 2
Introduction
Terms of Service
Privacy Policy