Examining approaches to quantifying cyber risk for improved cybersecurity management
Download1144933199-MIT.pdf (2.318Mb)
Other Contributors
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.
Advisor
Michael Siegel.
Terms of use
Metadata
Show full item recordAbstract
As technology's societal influence continues to grow, cyber risk management is becoming a serious priority. Individuals are putting their important assets and personal data, such as social security numbers, passwords, medical history, and more into the cloud. As a result, security breaches pose a drastic threat. To properly address this, rigorous risk management needs to be in place, and it is a well-known adage that you can not manage what you can not measure. This thesis first shows that there is room in the industry for better quantitative cyber risk measurement and then provides an assessment of current players that are trying to approach this issue. As one solution to the problem, a Failure Modes and Effects Analysis is performed on well-known cybersecurity breaches to provide common failure modes, causes, and effects within an organization. Cyber risk must be evaluated quantitatively in order to effectively approach it.
Description
This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections. Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2019 Cataloged from student-submitted PDF version of thesis. Includes bibliographical references (pages 63-71).
Date issued
2019Department
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer SciencePublisher
Massachusetts Institute of Technology
Keywords
Electrical Engineering and Computer Science.