Final published version
Licence: CC BY: Creative Commons Attribution 4.0 International License
Research output: Contribution to Journal/Magazine › Journal article › peer-review
TY - JOUR
T1 - "Talking a different Language"
T2 - Anticipating adversary attack cost for cyber risk assessment
AU - Derbyshire, Ric
AU - Green, Benjamin
AU - Hutchison, David
PY - 2021/4/1
Y1 - 2021/4/1
N2 - Typical cyber security risk assessment methods focus on the system under consideration, its vulnerabilities, and the resulting impact in the event of a system compromise. Cyber security, however, increasingly requires anticipating the moves of intelligent adversaries, who make decisions based on a range of factors including the cost of their attacks. A study of current risk assessment literature and industry practice shows that consideration of this cost is a notable gap in the understanding of adversaries. The factors of cost experienced by an adversary are established in this paper as Time, Finance, and Risk, supported by a practical study undertaken with relevant security practitioners. Using these factors as a base, a framework is proposed and developed to support the probabilistic determination of cost incurred by an adversary. This framework is an important extension to existing cyber security risk assessments, and is demonstrated in the paper through the use of a case study.
AB - Typical cyber security risk assessment methods focus on the system under consideration, its vulnerabilities, and the resulting impact in the event of a system compromise. Cyber security, however, increasingly requires anticipating the moves of intelligent adversaries, who make decisions based on a range of factors including the cost of their attacks. A study of current risk assessment literature and industry practice shows that consideration of this cost is a notable gap in the understanding of adversaries. The factors of cost experienced by an adversary are established in this paper as Time, Finance, and Risk, supported by a practical study undertaken with relevant security practitioners. Using these factors as a base, a framework is proposed and developed to support the probabilistic determination of cost incurred by an adversary. This framework is an important extension to existing cyber security risk assessments, and is demonstrated in the paper through the use of a case study.
KW - cyber attack
KW - adversary
KW - cost
KW - risk assessment
KW - threat actor
KW - threat assessment
U2 - 10.1016/j.cose.2020.102163
DO - 10.1016/j.cose.2020.102163
M3 - Journal article
VL - 103
JO - Computers and Security
JF - Computers and Security
SN - 0167-4048
M1 - 102163
ER -