all InfoSec news
QuantTM: Business-Centric Threat Quantification for Risk Management and Cyber Resilience
Feb. 23, 2024, 5:11 a.m. | Jan von der Assen, Muriel F. Franco, Muyao Dong, Burkhard Stiller
cs.CR updates on arXiv.org arxiv.org
Abstract: Threat modeling has emerged as a key process for understanding relevant threats within businesses. However, understanding the importance of threat events is rarely driven by the business incorporating the system. Furthermore, prioritization of threat events often occurs based on abstract and qualitative scoring. While such scores enable prioritization, they do not allow the results to be easily interpreted by decision-makers. This can hinder downstream activities, such as discussing security investments and a security control's economic …
arxiv business businesses cs.cr cyber cyber resilience events key management modeling prioritization process qualitative quantification relevant resilience risk risk management scoring system threat threat modeling threats understanding
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC