Quantifying the Severity of a Cybersecurity Incident for Incident Reporting

Conard, Chelsea Foushee

Author(s)

Conard, Chelsea Foushee

DownloadThesis PDF (7.136Mb)

Advisor

Reynolds, Taylor

Weitzner, Daniel J.

Terms of use

Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) Copyright retained by author(s) https://creativecommons.org/licenses/by-nc-nd/4.0/

Metadata

Show full item record

Abstract

In the field of cybersecurity, the lack of standardized data collection and incident reporting methods pose significant challenges to address and respond to incidents affecting critical infrastructure. Various initiatives aim to resolve this issue by mandating the collection of data on cyber incidents; however, there is often a lack of clear guidelines on how the collected data will be utilized effectively. This paper introduces the Cyber Incident Severity Scale (CISS), a framework designed to guide the selection of relevant data for analysis and communicate the severity of a cybersecurity incident. By drawing insights from established scales in other fields, such as natural disasters and public health, this research produces a single score for a reporting entity which can be aggregated to determine the overall severity of an incident. The ability to swiftly assess and score an incident is a critical tool to quantify incident severity and prioritize response, support policy development, and bolster the overall security of critical infrastructure.

Date issued

2024-09

URI

https://hdl.handle.net/1721.1/157124

Department

Massachusetts Institute of Technology. Institute for Data, Systems, and Society

Publisher

Massachusetts Institute of Technology

Collections

Graduate Theses