Cyber Harm Model and Harm‑Based Risk Assessment: A Conceptual Framework
The article advocates for a shift in cyber risk assessment from a threat‑centric to a harm‑centric approach. Current models often neglect qualitative and cascading impacts of cyber incidents. The proposed Cyber Harm Model (CHM) aims to address this gap, providing a comprehensive framework for assessing and mitigating harm, using empirical data from Critical Information Infrastructures.