The challenge of selecting the optimal technical, organisational, legal, and other preventive and repressive measures to reduce cyber risks to acceptable levels can only be understood in the context of the application of Cyber Risk Management. Risk Management is about analysing the relationships between threats, incidents and risks (here in the complex world of cyberspace), based on which an adequate set of countermeasures can be designed.
Risk (= the potential of losing something of value) can manifest itself in cyberspace in all kinds of ways: values at stake are financial wealth, health, physical condition (of people, materials, goods, infrastructures, etc.), well-being, reputation, privacy, trust, etc.
Based on a conceptualisation of cyberspace and its various sub-domains (discussed in the project week of year 1), we introduce both qualitative and quantitative risk assessment approaches, illustrated with case studies, among others related to a set of well-known real-world cyber security incidents. In addition, technical and non-technical cyber risk mitigation strategies are introduced and discussed.
• Cyberspace and its various sub-domains and layers; dependencies on IT and related risks
• DigiNotar, Stuxnet, the KPN hack, and other big cyber incidents
• Bowtie model, vulnerabilities, barriers; cyber threats; fault and attack trees; APTs; cyber incidents; impact scenarios and cascading effects
• Cyber risks of all kinds expressed in the loss of various values; risk metrics; prioritisation of risks
• Security-by-design principles
• Principles of technical preventive measures (IAA principles, mechanisms & tools; software quality; architectural decomposition; redundancy; firewalls, scanning tools; predictive analytics) and non-technical preventive measures (risk policies, organisation-wide measures, awareness training)
• Fundamentals of technical repressive measures (monitoring & analytics, data & information sharing tools, IDS; SOCs) and non-technical repressive measures (disaster recovery and crisis management)
• Cyber security as a societal problem, nationally and internationally (institutional arrangements)
• Cyber security standards (and their current shortcomings)
To acquire knowledge, understanding and skills with respect to:
• Cyber risk assessment methods of (complex, multi-step) cyber incidents, possibly with cascading effects
• Preventive measures that help prevent the occurrence of cyber incidents
• The fundamentals of repressive measures (detecting incidents in time and reducing their impact)
• Balancing the various human values at stake, including the balance between privacy and security, primarily from a governmental (macro-level) perspective