Cyber risk assessment standards and methodologies do not consider psychological, social and behavioural parameters in their classifications of the attackers’ types, profiles, and competencies. In this paper, we present a holistic, multidimensional approach to examine the likelihood for an attackers’ behaviour to occur by considering all influential factors (e.g., technical, social, behavioural, psychological). Furthermore, the quantification of the attackers’ behaviours may lead to better estimate attacks’ potential.
Research on the effectiveness of cyber security awareness in ICS Risk Assessment Frameworks
Assessing security awareness among users is essential for protecting industrial control systems (ICSs) from social...