3. Cyber risk analysis
This section uses case studies to address the specific challenges of cyber risk analysis.
Detecting cyber risk and taking into account the severity of an intrusion involves defining several items: the intrinsic severity of an intrusion, the probability of being exposed to the risk and of detecting it.
3.1 Defining a severity level
In terms of risk analysis, information systems security involves defining a scale of severity for each type of incident.
The example in table 5 is a severity scale used by a company in the industrial sector, defining the level of compromise of assets and systems by level of impact in the event of an intrusion....
Exclusive to subscribers. 97% yet to be discovered!
You do not have access to this resource.
Click here to request your free trial access!
Already subscribed? Log in!
The Ultimate Scientific and Technical Reference
This article is included in
Security of information systems
This offer includes:
Knowledge Base
Updated and enriched with articles validated by our scientific committees
Services
A set of exclusive tools to complement the resources
Practical Path
Operational and didactic, to guarantee the acquisition of transversal skills
Doc & Quiz
Interactive articles with quizzes, for constructive reading
Cyber risk analysis
Bibliography
Bibliography
Websites
Hack this site http://www.hackthissite.org
Newbie Contest http://www.newbiecontest.org
ANSSI (French National Agency for Information Systems Security) https://www.ssi.gouv.fr/
...Standards and norms
- Information Technology – Safety technology – Information security management systems – Requirements - ISO/IEC 27001:2013 - 2013
- Information Technology – Safety technology – Code of practice for information security management - ISO/IEC 27002:2013 - 2013
Regulations
Law no. 2013-1168 of December 18, 2013 on military programming for the years 2014 to 2019 and on various provisions concerning defense and national security
Regulation No. 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection...
Exclusive to subscribers. 97% yet to be discovered!
You do not have access to this resource.
Click here to request your free trial access!
Already subscribed? Log in!
The Ultimate Scientific and Technical Reference