all InfoSec news
QuantTM: Business-Centric Threat Quantification for Risk Management and Cyber Resilience
Feb. 23, 2024, 5:11 a.m. | Jan von der Assen, Muriel F. Franco, Muyao Dong, Burkhard Stiller
cs.CR updates on arXiv.org arxiv.org
Abstract: Threat modeling has emerged as a key process for understanding relevant threats within businesses. However, understanding the importance of threat events is rarely driven by the business incorporating the system. Furthermore, prioritization of threat events often occurs based on abstract and qualitative scoring. While such scores enable prioritization, they do not allow the results to be easily interpreted by decision-makers. This can hinder downstream activities, such as discussing security investments and a security control's economic …
arxiv business businesses cs.cr cyber cyber resilience events key management modeling prioritization process qualitative quantification relevant resilience risk risk management scoring system threat threat modeling threats understanding
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
Azure DevSecOps Cloud Engineer II
@ Prudent Technology | McLean, VA, USA
Security Engineer III - Python, AWS
@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
SOC Analyst (Threat Hunter)
@ NCS | Singapore, Singapore
Managed Services Information Security Manager
@ NTT DATA | Sydney, Australia
Senior Security Engineer (Remote)
@ Mattermost | United Kingdom
Penetration Tester (Part Time & Remote)
@ TestPros | United States - Remote