This book provides a scientific modeling approach for conducting metrics-based quantitative risk assessments of cybersecurity vulnerabilities and threats.
This book provides a scientific modeling approach for conducting metrics-based quantitative risk assessments of cybersecurity threats. The author builds from a common understanding based on previous class-tested works to introduce the reader to the current and newly innovative approaches to address the maliciously-by-human-created (rather than by-chance-occurring) vulnerability and threat, and related cost-effective management to mitigate such risk. This book is purely statistical data-oriented (not deterministic) and employs computationally intensive techniques,such as Monte Carlo and Discrete Event Simulation. The enriched JAVA ready-to-go applications and solutions to exercises provided by the author at the book’s specifically preserved website will enable readers to utilize the course related problems.
• Enables the reader to use the book's website's applications to implement and see results, and use them making ‘budgetary’ sense
• Utilizes a data analytical approach and provides clear entry points for readers of varying skill sets and backgrounds
• Developed out of necessity from real in-class experience while teaching advanced undergraduate and graduate courses by the author
Cyber-Risk Informatics is a resource for undergraduate students, graduate students, and practitioners in the field of Risk Assessment and Management regarding Security and Reliability Modeling.
Mehmet Sahinoglu, a Professor (1990) Emeritus (2000), is the founder of the Informatics Institute (2009) and its SACS-accredited (2010) and NSA-certified (2013) flagship Cybersystems and Information Security (CSIS) graduate program (the first such full degree in-class program in Southeastern USA) at AUM, Auburn University’s metropolitan campus in Montgomery, Alabama. He is a fellow member of the SDPS Society, a senior member of the IEEE, and an elected member of ISI. Sahinoglu is the recipient of Microsoft's Trustworthy Computing Curriculum (TCC) award and the author of Trustworthy Computing (Wiley, 2007).
Keywords: Cyber-Risk; Statistical Quality Control; Monte Carlo Simulation; cybersecurity; Discrete-Event Simulation; LGM; CPM; Security Meter (SM) Model Design; Game-Theoretic Computing; Cloud Computing; Cloud Risk-O-Meter; Software Reliability Modeling; Software Reliability Failure-Count Models; System Hardening; Email Security; MS-DOS Commands; Logging; Firewall; Wireless Networks, Human Factors & Risk Assessment, Computer Engineering, Human Factors & Risk Assessment, Computer Engineering