A robust statistical framework for cyber-vulnerability prioritisation under partial information in threat intelligence

arXiv:2302.08348v4 Announce Type: replace-cross
Abstract: Proactive cyber-risk assessment is gaining momentum due to the wide range of sectors that can benefit from the prevention of cyber-incidents by preserving integrity, confidentiality, and the availability of data. The rising attention to cybersecurity also results from the increasing connectivity of cyber-physical systems, which generates multiple sources of uncertainty about emerging cyber-vulnerabilities. This work introduces a robust statistical framework for quantitative and qualitative reasoning under uncertainty about cyber-vulnerabilities and their prioritisation. Specifically, we take …

arxiv assessment attention availability can confidentiality connectivity cs.cr cyber cybersecurity data framework incidents information integrity intelligence momentum partial prevention proactive results rising risk risk assessment sectors stat.ap stat.me threat threat intelligence under vulnerability