Marshall Kuypers, Elisabeth Paté-Cornell, Thomas Maillart
Working Paper
Every day, security engineers cope with a flow of cyber security incidents. While most incidents trigger routine reactions, others require orders of magnitude more effort to investigate and resolve....
Despite the tempting similarities, the analogy between nuclear and cyber weapons is presently flawed. High-ranking officials that are using it as the basis for policies of deterrence in cyberspace...
Organizations routinely face risk trade-offs. Broadly modeling a system can act as decision support in the face of significant uncertainty about an organizations threats, vulnerabilities, and...
Organizations often record cybersecurity incidents to track employee workload, satisfy auditors, fulfil reporting requirements, or to analyze cyber risk. While security incident databases are often...
Currently, significant uncertainty surrounds cyber security investments. Chief Information Security Officers do not have an effective framework to compare investments into various security safeguards...