Search GSSD

Cybersecurity Standards: Managing Risk and Creating Resilience

Abstract: 
Risk based standards for cybersecurity analysis. Traditional risk assessment cannot cope with the rapidly evolving threats and massive scope of cyber threats. Mentions some improvements to existing systems such as the common vulnerability scoring system (CVSS). The National Institute for Standards and Technology (NIST) has worked to develop new standards following an executive order from President Obama. New standards still only evaluate vulnerability instead of risk. Proposes a risk assessment model based on empirical and suggestive data.
Author: 
Zachary A. Collier and Igor Linkov, Daniel DiMase and Steve Walters, Mark (Mohammad) Tehranipoor, James H. Lambert
Institution: 
US Army Engineer Research and Development Center, Society of Automotive Engineers G-19 Test Laboratory Standards Development Committee, University of Connecticut, University of Virginia
Year: 
2014
Input By: 
John Parsons
Affiliation: 
MIT
Industry Focus: 
Information & Telecommunication
Internet & Cyberspace
Country: 
United States
Datatype(s): 
Models
Policies