Abstract
Organizations are exposed to cyber-attacks on a regular basis. Managers in these organizations are using scoring systems to evaluate the risks of the attacks they are exposed to. Information security methodologies define three major security objectives: confidentiality, integrity and availability. This work is focused on defining new network exposure measures affecting the availability. According to existing security scoring models network exposure risks are assessed by assigning availability measures on an ordinal scale using users' subjective assessment. In this work quantitative objective measures are defined and presented, based on the specific organizational network, thus improving accuracy of the scores computed by the current security risk scoring models.
Original language | English |
---|---|
Pages (from-to) | 399-404 |
Number of pages | 6 |
Journal | International Journal of Advanced Computer Science and Applications |
Volume | 9 |
Issue number | 4 |
DOIs | |
State | Published - 2018 |
Externally published | Yes |
Bibliographical note
Publisher Copyright:© 2015 The Science and Information (SAI) Organization Limited.
Keywords
- Cyber-attack
- Exposure
- Risk scoring
- Security
- Vulnerability