Artificial Intelligence,Cyber Security,Quantum Computing
An Agile Framework for Quantitative Risk assessment in a Security Operations Centre (SOC)
The network security industry is missing a quantifiable strategy for collating security
information, assessing risk and making evidence based decisions. Significant corpo-
rate spending occurs on network infrastructure and security tools without a quantita-
tive evaluation of the risk reduction resulting from the effectiveness of chosen security
strategies. The framework created in this work improves on singular data abstraction
approaches to security by using an ontological, metric driven description of security
controls coupled with a graphical view of the threat landscape to provide a probabilis-
tic determination of risk. 1.45 MB
information, assessing risk and making evidence based decisions. Significant corpo-
rate spending occurs on network infrastructure and security tools without a quantita-
tive evaluation of the risk reduction resulting from the effectiveness of chosen security
strategies. The framework created in this work improves on singular data abstraction
approaches to security by using an ontological, metric driven description of security
controls coupled with a graphical view of the threat landscape to provide a probabilis-
tic determination of risk. 1.45 MB