Quantifying the Severity of a Cybersecurity Incident for Incident Reporting

• dc.contributor.advisor: Reynolds, Taylor
• dc.contributor.advisor: Weitzner, Daniel J.
• dc.contributor.author: Conard, Chelsea Foushee
• dc.date.issued: 2024-09
• dc.date.submitted: 2024-09-16T19:32:15.163Z
• dc.identifier.uri: https://hdl.handle.net/1721.1/157124
• dc.description.abstract: In the field of cybersecurity, the lack of standardized data collection and incident reporting methods pose significant challenges to address and respond to incidents affecting critical infrastructure. Various initiatives aim to resolve this issue by mandating the collection of data on cyber incidents; however, there is often a lack of clear guidelines on how the collected data will be utilized effectively. This paper introduces the Cyber Incident Severity Scale (CISS), a framework designed to guide the selection of relevant data for analysis and communicate the severity of a cybersecurity incident. By drawing insights from established scales in other fields, such as natural disasters and public health, this research produces a single score for a reporting entity which can be aggregated to determine the overall severity of an incident. The ability to swiftly assess and score an incident is a critical tool to quantify incident severity and prioritize response, support policy development, and bolster the overall security of critical infrastructure.
• dc.publisher: Massachusetts Institute of Technology
• dc.type: Thesis
• dc.description.degree: S.M.
• dc.contributor.department: Massachusetts Institute of Technology. Institute for Data, Systems, and Society
• mit.thesis.degree: Master
• thesis.degree.name: Master of Science in Technology and Policy