Abstract
The paper presents a hierarchical, two-level approach to on-line cyber risk assessment at the national level. It takes into account cyber threats and vulnerabilities identified at the lower level formed by essential service operators and digital service providers. A computational algorithm is proposed, making use of the local measurements and assessments and its asynchronous convergence is proved. At the end a case study concerning a system consisting of four entities is presented.
Highlights
The article develops a hierarchical, two-level approach to an on-line national level risk assessment (NLRA), taking into account cyber threats and vulnerabilities identified at the lower level, which comprises key service operators and digital service providers
We proposed a hierarchical, two-level on-line scheme for the national-level risk assessments, where local entities repetitively prepare their own assessments used by the Center to coordinate those assessments and to evaluate the overall risks
Our on-line risk assessment algorithm is predictive, taking into account temporal dependencies of local entities on cyber threats and services provided by other local entities
Summary
The article develops a hierarchical, two-level approach to an on-line national level risk assessment (NLRA), taking into account cyber threats and vulnerabilities identified at the lower level, which comprises key service operators and digital service providers. COORDINATION Assume that we initiate at a given time the analysis that will provide us with an overall risk assessment, under current conditions, over future time intervals T s as defined above for all s ∈ S, where S is the set of all considered entities (services). The scenarios Du,(k) for u ∈ U s are used together with all currently available information at LE level (likelihoods of cyber threats, local vulnerabilities, observed incidents, etc.) to perform local risk analysis and to estimate a new value Ds,(k),new of the (output) scenario of the entity s After this is done for all entities, the suite of new predicted scenarios for iteration k + 1 may be computed at the CNT level. The properties of this process should be examined in terms of the relevant factors, in particular the LE level analysis procedures and the dynamics of the local assessment problems
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.