Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

This book provides a brief and general introduction to cybersecurity and cyber-risk assessment. Not limited to a specific approach or technique, its focus is highly pragmatic and is based on established international standards (including ISO 31000) as well as industrial best practices. It explains how cyber-risk assessment should be conducted, which techniques should be used when, what the typical challenges and problems are, and how they should be addressed. The content is divided into three parts. First, part I provides a conceptual introduction to the topic of risk management in general and to cybersecurity and cyber-risk management in particular. Next, part II presents the main stages of cyber-risk assessment from context establishment to risk treatment and acceptance,  each illustrated by a running example. Finally, part III details four important challenges and how to reasonably deal with them in practice: risk measurement, risk scales, uncertainty, and low-frequency risks with high consequence. The target audience is mainly practitioners and students who are interested in the fundamentals and basic principles and techniques of security risk assessment, as well as lecturers seeking teaching material. The book provides an overview of the cyber-risk assessment process, the tasks involved, and how to complete them in practice.

Computer Science --- Engineering & Applied Sciences --- Computer crimes --- Cyberspace --- Computer security. --- Data protection. --- Prevention. --- Security measures. --- Data governance --- Data regulation --- Personal data protection --- Protection, Data --- Computer privacy --- Computer system security --- Computer systems --- Computers --- Cyber security --- Cybersecurity --- Electronic digital computers --- Security of computer systems --- Security measures --- Protection of computer systems --- Protection --- Computer science. --- Management. --- Industrial management. --- Mathematical statistics. --- Management information systems. --- Quality control. --- Reliability. --- Industrial safety. --- Computer Science. --- Systems and Data Security. --- Quality Control, Reliability, Safety and Risk. --- Management of Computing and Information Systems. --- Probability and Statistics in Computer Science. --- Innovation/Technology Management. --- Data protection --- Security systems --- Hacking --- Industrial accidents --- Industries --- Job safety --- Occupational hazards, Prevention of --- Occupational health and safety --- Occupational safety and health --- Prevention of industrial accidents --- Prevention of occupational hazards --- Safety, Industrial --- Safety engineering --- Safety measures --- Safety of workers --- Accidents --- System safety --- Dependability --- Trustworthiness --- Conduct of life --- Factory management --- Industrial engineering --- Reliability (Engineering) --- Sampling (Statistics) --- Standardization --- Quality assurance --- Quality of products --- Computer-based information systems --- EIS (Information systems) --- Executive information systems --- MIS (Information systems) --- Sociotechnical systems --- Information resources management --- Management --- Mathematics --- Statistical inference --- Statistics, Mathematical --- Statistics --- Probabilities --- Business administration --- Business enterprises --- Business management --- Corporate management --- Corporations --- Industrial administration --- Management, Industrial --- Rationalization of industry --- Scientific management --- Business --- Industrial organization --- Administration --- Industrial relations --- Organization --- Informatics --- Science --- Prevention --- Communication systems --- Statistical methods --- Electronic data processing --- Space and time --- Telematics --- System safety. --- Information Systems. --- Safety, System --- Safety of systems --- Systems safety --- Industrial safety --- Systems engineering