A Review : Cyber Security and Risk Assessment

Authors

  • Anirudh Kumar Paswan  M Tech Scholar, Computer Science & Engineering, Millennium Institute of Technology and Science, Bhopal, India
  • Prof. Vinod Mahor  Assistant Professor, Computer Science & Engineering, Millennium Institute of Technology and Science Bhopal, India

Keywords:

Cloud Computing, Cyber Security, Quantitative Risk Assessment Models, Security Risk Assessment.

Abstract

The current state of cloud computing security risk assessment is reviewed in this study. The quantitative security risk assessment models created for or used specifically in the context of a cloud computing system are selected, and a detailed analysis is done of them. Engineers and management need to be aware of these issues and have access to the data they need. This broad introduction of cyber security and risk assessment, which also includes a thorough examination of the literature to date, covers the important commercial and governmental bodies active in this subject. References are given to provide further details on the key issues related to the approaches for risk assessment. In terms of goal, the stages of risk management handled, important risk management concepts covered, and sources of probabilistic data, we assess and then analyse existing models. Based on the study, this work also suggest comparing these models to identify the weaknesses and strengths of each one.

References

  1. Whitman, M. E., & Mattord, H. J. (2016). Principles of Information Security. Cengage Learning.
  2. Peltier, T. R. (2016). Information Security Risk Assessment Toolkit: Practical Assessments through Data Collection and Data Analysis. Elsevier.
  3. National Institute of Standards and Technology. (2018). Framework for Improving Critical Infrastructure Cybersecurity (Version 1.1). U.S. Department of Commerce.
  4. Kshetri, N. (2018). Blockchain's roles in meeting key supply chain management objectives. International Journal of Information Management, 39, 80-89.
  5. Williams, M. (2017). Cybersecurity and risk assessment in the hospitality industry. Journal of Hospitality and Tourism Technology, 8(2), 119-130.
  6. Siponen, M. T., & Vance, A. (2010). Neutralization: New insights into the problem of employee cyberdeviance. MIS Quarterly, 34(3), 487-502.
  7. Kumar, S., & Srivastava, S. (2021). A Comprehensive Review of Cybersecurity Threats, Risks and Mitigation Strategies. Journal of Cybersecurity and Privacy, 1(1), 1-16.
  8. Shin, J., Yoon, J., Lee, J., & Kim, H. (2020). Cybersecurity risk assessment for industrial control systems: A survey. Journal of Network and Computer Applications, 154, 102697.
  9. Alzahrani, A., Hussain, R., & Hussain, F. K. (2019). A novel approach for cyber security risk assessment using attack trees and fuzzy logic. IEEE Access, 7, 12031-12042.
  10. Bhattacharya, S., & Paul, A. (2019). Cybersecurity risk assessment using analytic hierarchy process-based approach. Journal of Cybersecurity and Mobility, 7(4), 19-41.
  11. Khan, I. A., Imran, M., & Ahmad, J. (2018). A comprehensive review of cybersecurity risk assessment tools for industrial control systems. Journal of Network and Computer Applications, 108, 58-81.
  12. Al-Shehri, S. A. (2018). Cyber security risk assessment in cloud computing using Bayesian networks. Journal of Information Security and Applications, 40, 28-41.
  13. Alharbi, F. (2017). Cyber security risk assessment for small and medium-sized enterprises: A systematic review of recent empirical studies. International Journal of Information Management, 37(5), 618-634.
  14. Rana, M., Misra, S., & Ong, K. L. (2017). An overview of cyber security risk assessment frameworks for SCADA systems. Journal of Network and Computer Applications, 84, 23-34.
  15. Chen, Y. H., Chen, H. Y., Chen, Y. L., & Tsai, C. F. (2017). A cybersecurity risk assessment model for enterprises. Journal of Internet Technology, 18(5), 1095-1102.
  16. Shen, W., Hu, X., Xu, J., & Chen, Y. (2017). An intelligent risk assessment method for network security based on improved Bayesian network. Journal of Network and Computer Applications, 85, 155-165.
  17. Abugabah, A., Mohamed, N., & Elleithy, K. (2017). A multi-criteria decision making approach for cyber security risk assessment of information systems. Journal of Ambient Intelligence and Humanized Computing, 8(6), 831-846.
  18. Kahani, M., & Ghorbani, A. A. (2017). Cyber security risk assessment of enterprise networks using Bayesian networks. Journal of Information Security and Applications, 34, 102-111.
  19. Cherdantseva, Y., Hilton, J., & Burnap, P. (2018). Risk management and cybersecurity: A review. Journal of Risk Research, 21(3), 300-314. doi: 10.1080/13669877.2017.1316181
  20. Kim, J. T., & Kim, D. H. (2021). Risk assessment of cyber-attacks using a deep learning approach. IEEE Access, 9, 118138-118152. doi: 10.1109/ACCESS.2021.3118289
  21. Li, C., Li, J., Guan, Q., Li, X., & Li, X. (2020). Cybersecurity risk assessment and management for power systems. Energies, 13(19), 5005. doi: 10.3390/en13195005
  22. National Institute of Standards and Technology. (2018). Framework for improving critical infrastructure cybersecurity. Retrieved from https://www.nist.gov/cyberframework
  23. Solms, R. V., & Solms, R. (2016). Information security risk management: An overview. Computers & Security, 60, 212-217. doi: 10.1016/j.cose.2015.09.005

IInternational Journal of Scientific Research in Computer Science, Engineering and Information Technology

Downloads

Published

2023-04-30

Issue

Volume 9, Issue 2, March-April-2023

Section

Research Articles

License

Copyright (c) IJSRCSEIT

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
Anirudh Kumar Paswan, Prof. Vinod Mahor, " A Review : Cyber Security and Risk Assessment, IInternational Journal of Scientific Research in Computer Science, Engineering and Information Technology(IJSRCSEIT), ISSN : 2456-3307, Volume 9, Issue 2, pp.324-331, March-April-2023.