In this paper we introduce a new methodology for estimating the risks of cyber attacks. In order to deal with the ordinal nature of the cyber risk response variable, an extension of linear regression models is proposed, by means of the rank tools. We also suggest a specific model evaluation measure, called RG (Rank Graduation), aiming at detecting the factors which mainly affect cyber risks. Finally, to shed light on the effectiveness of our proposal, we use our proposed methodology to rank real cyber loss data.

A rank graduation index to prioritise cyber risks = Un indice di graduazione per assegnare livelli di priorita` ai rischi informatici

P. Giudici;E. Raffinetti
2019-01-01

Abstract

In this paper we introduce a new methodology for estimating the risks of cyber attacks. In order to deal with the ordinal nature of the cyber risk response variable, an extension of linear regression models is proposed, by means of the rank tools. We also suggest a specific model evaluation measure, called RG (Rank Graduation), aiming at detecting the factors which mainly affect cyber risks. Finally, to shed light on the effectiveness of our proposal, we use our proposed methodology to rank real cyber loss data.
2019
9788891915108
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11571/1496789
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact