Cloud Enterprise Dynamic Risk Assessment (CEDRA): a dynamic risk assessment using dynamic Bayesian networks for cloud environment

Cloud Enterprise Dynamic Risk Assessment (CEDRA): a dynamic risk assessment using dynamic Bayesian networks for cloud environment

Cloud computing adoption has been increasing rapidly amid COVID-19 as organisations accelerate the implementation of their digital strategies. Most models adopt traditional dynamic risk assessment, which does not adequately quantify or monetise risks to enable business-appropriate decision-making. I...

Full description

Bibliographic Details
Main Authors: Al-Begain, K. (Author), Behbehani, D. (Author), Komninos, N. (Author), Rajarajan, M. (Author)
Format: Article
Language:English
Published: Springer Science and Business Media Deutschland GmbH 2023
Subjects:
Bayesian networks
Cloud environments
Cloud risk assessment
Cloud-computing
COVID-19
Decision making
Digital strategies
Dynamic Bayesian Network
Dynamic Bayesian networks
Dynamic risk assessments
Enterprise dynamics
Finance
Financial loss
Losses
Quantitative risk analysis
Quantitative risk-analysis
Risk analysis
Risk assessment
Risks assessments
Online Access:View Fulltext in Publisher
View in Scopus
LEADER 02578nam a2200409Ia 4500
001 10.1186-s13677-023-00454-2
008 230529s2023 CNT 000 0 und d
020 |a 2192113X (ISSN) 
245 1 0 |a Cloud Enterprise Dynamic Risk Assessment (CEDRA): a dynamic risk assessment using dynamic Bayesian networks for cloud environment 
260 0 |b Springer Science and Business Media Deutschland GmbH  |c 2023 
856 |z View Fulltext in Publisher  |u https://doi.org/10.1186/s13677-023-00454-2 
856 |z View in Scopus  |u https://www.scopus.com/inward/record.uri?eid=2-s2.0-85159636606&doi=10.1186%2fs13677-023-00454-2&partnerID=40&md5=8c1f94f287b0336d10316810ed86e85f 
520 3 |a Cloud computing adoption has been increasing rapidly amid COVID-19 as organisations accelerate the implementation of their digital strategies. Most models adopt traditional dynamic risk assessment, which does not adequately quantify or monetise risks to enable business-appropriate decision-making. In view of this challenge, a new model is proposed in this paper for assignment of monetary losses terms to the consequences nodes, thereby enabling experts to understand better the financial risks of any consequence. The proposed model is named Cloud Enterprise Dynamic Risk Assessment (CEDRA) model that uses CVSS, threat intelligence feeds and information about exploitation availability in the wild using dynamic Bayesian networks to predict vulnerability exploitations and financial losses. A case study of a scenario based on the Capital One breach attack was conducted to demonstrate experimentally the applicability of the model proposed in this paper. The methods presented in this study has improved vulnerability and financial losses prediction. © 2023, The Author(s). 
650 0 4 |a Bayesian networks 
650 0 4 |a Cloud environments 
650 0 4 |a Cloud risk assessment 
650 0 4 |a Cloud-computing 
650 0 4 |a COVID-19 
650 0 4 |a Decision making 
650 0 4 |a Digital strategies 
650 0 4 |a Dynamic Bayesian Network 
650 0 4 |a Dynamic Bayesian networks 
650 0 4 |a Dynamic risk assessments 
650 0 4 |a Enterprise dynamics 
650 0 4 |a Finance 
650 0 4 |a Financial loss 
650 0 4 |a Losses 
650 0 4 |a Quantitative risk analysis 
650 0 4 |a Quantitative risk-analysis 
650 0 4 |a Risk analysis 
650 0 4 |a Risk assessment 
650 0 4 |a Risks assessments 
700 1 0 |a Al-Begain, K.  |e author 
700 1 0 |a Behbehani, D.  |e author 
700 1 0 |a Komninos, N.  |e author 
700 1 0 |a Rajarajan, M.  |e author 
773 |t Journal of Cloud Computing 

Similar Items