Quantifying the Severity of a Cybersecurity Incident for Incident Reporting
Author(s)
Conard, Chelsea Foushee
DownloadThesis PDF (7.136Mb)
Advisor
Reynolds, Taylor
Weitzner, Daniel J.
Terms of use
Metadata
Show full item recordAbstract
In the field of cybersecurity, the lack of standardized data collection and incident reporting
methods pose significant challenges to address and respond to incidents affecting critical
infrastructure. Various initiatives aim to resolve this issue by mandating the collection of
data on cyber incidents; however, there is often a lack of clear guidelines on how the collected
data will be utilized effectively.
This paper introduces the Cyber Incident Severity Scale (CISS), a framework designed
to guide the selection of relevant data for analysis and communicate the severity of a cybersecurity incident. By drawing insights from established scales in other fields, such as
natural disasters and public health, this research produces a single score for a reporting
entity which can be aggregated to determine the overall severity of an incident. The ability
to swiftly assess and score an incident is a critical tool to quantify incident severity and
prioritize response, support policy development, and bolster the overall security of critical
infrastructure.
Date issued
2024-09Department
Massachusetts Institute of Technology. Institute for Data, Systems, and SocietyPublisher
Massachusetts Institute of Technology