3 results for "Risk assessment"

From Insight to Compliance: Appropriate Technical and Organisational Security Measures Through the Lens of Cybersecurity Maturity Models

“... this article provides anchorage to scholarly audiences when scrutinizing the extent to which privacy and security measures qualify as ‘appropriate’ in the context of liability claims and actions for damages, thereby creating an opportunity to move from technical insight to legal compliance.”

Cyber Harm Model and Harm‑Based Risk Assessment: A Conceptual Framework

The article advocates for a shift in cyber risk assessment from a threat-centric to a harm-centric approach. Current models often neglect qualitative and cascading impacts of cyber incidents. The proposed Cyber Harm Model (CHM) aims to address this gap, providing a comprehensive framework for assessing and mitigating harm, using empirical data from Critical Information Infrastructures.

A novel scaling approach for unbiased adjustment of risk estimators

The paper addresses challenges in risk assessment from limited, non-stationary historical data and heavy-tailed distributions. It introduces a novel method for scaling risk estimators, ensuring robustness and conservative risk assessment. This approach extends time scaling beyond conventional methods, facilitates risk transfers, and enables unbiased estimation in small sample settings. Demonstrated through value-at-risk and expected shortfall estimation examples, the method's effectiveness is supported by an empirical study showcasing its impact.