Not logged in.
Quick Search - Contribution
Contribution Details
Type | Master's Thesis |
Scope | Discipline-based scholarship |
Title | Design and Implementation of a Business-driven Threat Quantification Framework |
Organization Unit | |
Authors |
|
Supervisors |
|
Language |
|
Institution | University of Zurich |
Faculty | Faculty of Business, Economics and Informatics |
Date | 2023 |
Abstract Text | Nowadays, companies and organizations invest in cybersecurity more and more as they are operating with digital information systems. Cyber risk management presents a well-defined path toward the management of critical assets, threats, and countermeasures. Within cyber risk management, threat modeling is a structured process to identify potential threats, and in this process, it is significant to evaluate each threat and estimate its potential impacts. Although threat modeling methodologies have been developed in depth, most of them focus on threat identification in di↵erent contexts, while how to quantify their impact for further inspection is less discussed. This thesis works on designing a framework to fill in this gap. The main outcome of this thesis is a framework that guides users to evaluate and quantify cyber threats in business contexts. The framework integrates applicable business impacts, calculates and visualizes the impacts of cyber threats, providing users with an intuitive picture of cyber threats analysis in the view of business. The prototype is well developed and properly evaluated, and the usability of the prototype is of satisfaction. |
PDF File | Download |
Export | BibTeX |