IDEAS home Printed from https://ideas.repec.org/a/inm/ordeca/v17y4i2020p356-374.html
   My bibliography  Save this article

Assessing and Forecasting Cybersecurity Impacts

Author

Listed:
  • Aitor Couce-Vieira

    (Instituto de Ciencias Matemáticas, Consejo Superior de Investigaciones Científicas, Madrid 28049, Spain)

  • David Rios Insua

    (Instituto de Ciencias Matemáticas, Consejo Superior de Investigaciones Científicas, Madrid 28049, Spain; School of Management, University of Shanghai for Science and Technology, Shanghai 200093, P.R. China)

  • Alex Kosgodagan

    (Instituto de Ciencias Matemáticas, Consejo Superior de Investigaciones Científicas, Madrid 28049, Spain)

Abstract

Cyberattacks constitute a major threat to most organizations. Beyond financial consequences, they may entail multiple impacts that need to be taken into account when making risk management decisions to allocate the required cybersecurity resources. Experts have traditionally focused on a technical perspective of the problem by considering impacts in relation with the confidentiality, integrity, and availability of information. We adopt a more comprehensive approach identifying a broader set of generic cybersecurity objectives, the corresponding set of attributes, and relevant forecasting and assessment models. These are used as basic ingredients for decision support in cybersecurity risk management.

Suggested Citation

  • Aitor Couce-Vieira & David Rios Insua & Alex Kosgodagan, 2020. "Assessing and Forecasting Cybersecurity Impacts," Decision Analysis, INFORMS, vol. 17(4), pages 356-374, December.
    • Handle: RePEc:inm:ordeca:v:17:y:4:i:2020:p:356-374
    DOI: 10.1287/deca.2020.0418
    as

    Download full text from publisher

    File URL: https://doi.org/10.1287/deca.2020.0418
    Download Restriction: no
    File URL: https://libkey.io/10.1287/deca.2020.0418?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    References listed on IDEAS

    as
    1. James S. Dyer & Rakesh K. Sarin, 1982. "Relative Risk Aversion," Management Science, INFORMS, vol. 28(8), pages 875-886, August.
    2. Ralph L. Keeney & Timothy L. McDaniels, 1992. "Value-Focused Thinking about Strategic Decisions at BC Hydro," Interfaces, INFORMS, vol. 22(6), pages 94-109, December.
    3. James S. Dyer & Rakesh K. Sarin, 1979. "Group Preference Aggregation Rules Based on Strength of Preference," Management Science, INFORMS, vol. 25(9), pages 822-832, September.
    4. Viscusi, W Kip & Aldy, Joseph E, 2003. "The Value of a Statistical Life: A Critical Review of Market Estimates throughout the World," Journal of Risk and Uncertainty, Springer, vol. 27(1), pages 5-76, August.
    5. Ali Pala & Jun Zhuang, 2019. "Information Sharing in Cybersecurity: A Review," Decision Analysis, INFORMS, vol. 16(3), pages 172-196, September.
    6. Eling, Martin & Wirfs, Jan, 2019. "What are the actual costs of cyber risk events?," European Journal of Operational Research, Elsevier, vol. 272(3), pages 1109-1119.
    7. Araz Taeihagh & Hazel Si Min Lim, 2019. "Governing autonomous vehicles: emerging responses for safety, liability, privacy, cybersecurity, and industry risks," Transport Reviews, Taylor & Francis Journals, vol. 39(1), pages 103-128, January.
    8. Ralph L. Keeney & Robin S. Gregory, 2005. "Selecting Attributes to Measure the Achievement of Objectives," Operations Research, INFORMS, vol. 53(1), pages 1-11, February.
    9. Aniruddha Bagchi & Tridib Bandyopadhyay, 2018. "Role of Intelligence Inputs in Defending Against Cyber Warfare and Cyberterrorism," Decision Analysis, INFORMS, vol. 15(3), pages 174-193, September.
    10. repec:reg:rpubli:282 is not listed on IDEAS
    11. Peter H. Farquhar, 1984. "State of the Art---Utility Assessment Methods," Management Science, INFORMS, vol. 30(11), pages 1283-1300, November.
    12. Ralph L. Keeney & Detlof von Winterfeldt, 2011. "A Value Model for Evaluating Homeland Security Decisions," Risk Analysis, John Wiley & Sons, vol. 31(9), pages 1470-1487, September.
    13. Alessandro Acquisti & Leslie K. John & George Loewenstein, 2013. "What Is Privacy Worth?," The Journal of Legal Studies, University of Chicago Press, vol. 42(2), pages 249-274.
    14. Luis C. Dias & Alec Morton & John Quigley, 2018. "Elicitation: State of the Art and Science," International Series in Operations Research & Management Science, in: Luis C. Dias & Alec Morton & John Quigley (ed.), Elicitation, chapter 0, pages 1-14, Springer.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Abbas, Ali E. & Hupman, Andrea C., 2023. "Scale dependence in weight and rate multicriteria decision methods," European Journal of Operational Research, Elsevier, vol. 309(1), pages 225-235.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. William N. Caballero & Roi Naveiro & David Ríos Insua, 2022. "Modeling Ethical and Operational Preferences in Automated Driving Systems," Decision Analysis, INFORMS, vol. 19(1), pages 21-43, March.
    2. Javier Cano & David Ríos Insua & Alessandra Tedeschi & Ug̃ur Turhan, 2016. "Security economics: an adversarial risk analysis approach to airport protection," Annals of Operations Research, Springer, vol. 245(1), pages 359-378, October.
    3. Colson, Gérard, 1993. "Prenons-nous assez de risque dans les théories du risque?," L'Actualité Economique, Société Canadienne de Science Economique, vol. 69(1), pages 111-141, mars.
    4. Morrison, Gwendolyn C., 1997. "HYE and TTO: What is the difference?," Journal of Health Economics, Elsevier, vol. 16(5), pages 563-578, October.
    5. Richard M. Anderson & Robert Clemen, 2013. "Toward an Improved Methodology to Construct and Reconcile Decision Analytic Preference Judgments," Decision Analysis, INFORMS, vol. 10(2), pages 121-134, June.
    6. Cinelli, Marco & Kadziński, Miłosz & Miebs, Grzegorz & Gonzalez, Michael & Słowiński, Roman, 2022. "Recommending multiple criteria decision analysis methods with a new taxonomy-based decision support system," European Journal of Operational Research, Elsevier, vol. 302(2), pages 633-651.
    7. G. Quijano, Eduardo & Ríos Insua, David & Cano, Javier, 2018. "Critical networked infrastructure protection from adversaries," Reliability Engineering and System Safety, Elsevier, vol. 179(C), pages 27-36.
    8. Mirakyan, Atom & Guio, R.D., 2014. "A methodology in innovative support of the integrated energy planning preparation and orientation phase," Energy, Elsevier, vol. 78(C), pages 916-927.
    9. Claude Le Pen, 1997. "Théorie de l'utilité et mesure des états de santé, le débat QALYs-HYEs," Économie et Prévision, Programme National Persée, vol. 129(3), pages 37-54.
    10. Gilberto Montibeller & L. Alberto Franco & Ashley Carreras, 2020. "A Risk Analysis Framework for Prioritizing and Managing Biosecurity Threats," Risk Analysis, John Wiley & Sons, vol. 40(11), pages 2462-2477, November.
    11. Rivelino R. De Icaza & Gregory S. Parnell & Edward A. Pohl, 2019. "Gulf Coast Port Selection Using Multiple-Objective Decision Analysis," Decision Analysis, INFORMS, vol. 16(2), pages 87-104, June.
    12. Ríos Insua, David & Cano, Javier & Pellot, Michael & Ortega, Ricardo, 2016. "Multithreat multisite protection: A security case study," European Journal of Operational Research, Elsevier, vol. 252(3), pages 888-899.
    13. Ali E. Abbas & Zhengwei Sun, 2015. "Multiattribute Utility Functions Satisfying Mutual Preferential Independence," Operations Research, INFORMS, vol. 63(2), pages 378-393, April.
    14. Ali E. Abbas, 2006. "Maximum Entropy Utility," Operations Research, INFORMS, vol. 54(2), pages 277-290, April.
    15. Ali E. Abbas & Zhengwei Sun, 2019. "Archimedean Utility Copulas with Polynomial Generating Functions," Decision Analysis, INFORMS, vol. 16(3), pages 218-237, September.
    16. Ali Yekkehkhany & Timothy Murray & Rakesh Nagi, 2021. "Stochastic Superiority Equilibrium in Game Theory," Decision Analysis, INFORMS, vol. 18(2), pages 153-168, June.
    17. Vicki M. Bier & Simon French, 2020. "From the Editors: Decision Analysis Focus and Trends," Decision Analysis, INFORMS, vol. 17(1), pages 1-8, March.
    18. Kalogeras, Nikos & Pennings, Joost M.E. & Garcia, Philip, 2006. "What Drives Strategic Behavior? A Framework to Explain and Predict SMEs' Transition to Sustainable Production Systems," 2006 Annual meeting, July 23-26, Long Beach, CA 21354, American Agricultural Economics Association (New Name 2008: Agricultural and Applied Economics Association).
    19. Robin L. Dillon & Genevieve Lester & Richard S. John & Catherine H. Tinsley, 2012. "Differentiating Conflicts in Beliefs Versus Value Tradeoffs in the Domestic Intelligence Policy Debate," Risk Analysis, John Wiley & Sons, vol. 32(4), pages 713-728, April.
    20. Milad Zamanifar & Timo Hartmann, 2021. "A prescriptive framework for recommending decision attributes of infrastructure disaster recovery problems," Environment Systems and Decisions, Springer, vol. 41(4), pages 633-650, December.

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:inm:ordeca:v:17:y:4:i:2020:p:356-374. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Chris Asher (email available below). General contact details of provider: https://edirc.repec.org/data/inforea.html .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.