Intro to Cybersecurity Risk Assessment | by Kirill Tsyganov | Dec, 2022 – DataDrivenInvestor

Dec 22
From a data science perspective
McKinsey estimates that, at the current growth rate, cyberattacks will cause annual damage of $10.5 trillion by 2025. Already today, according to IBM, an average data breach in the US costs $9.5 million.
Cybersecurity risk is one of the fastest-growing digital industries, and one where the data science toolkit saves millions from day one. This intro looks at the topic from a data science perspective. Starting with the definition of risk, we will build an intuition for using a Bayesian modelling mindset to address practical challenges.
Of course, once risks are identified, they have to be managed. But in order to manage risks effectively, they need to be calculated and prioritized first. Without risk assessment, organizations could not focus on the really important things and, given a limited budget, could leave critical assets unprotected.
By definition, risk is the expected impact of adverse events. The word “expected” indicates that we try to predict the future and operate under uncertainty. In mathematical terms it means we have a random variable, the impact, which takes different possible values when bad events happen (risk scenarios are realized). The expected value of this random variable is called risk.
An event can be something complex, e.g., a data breach via unsecured API in a cloud infrastructure, but for our purposes it translates into a combination of .
and are designated activities conducted on different levels (worldwide, country, organization, network perimeter, application etc.). For instance,
By modelling risks we mean estimating a probability distribution of the impact.
According to the definition of expected value, we operate in a universe of all possible events, i.e., and dependencies between different threats and vulnerabilities are possible.
How do we handle all this real-world complexity? This is the moment when Subject Matter Experts (SMEs) in cybersecurity reveal the truth, or at least heuristics, about the universe of events. For instance, they can tell you that, without losing much accuracy, you can model some threats independently, or that the vulnerability of one asset does not influence another asset’s vulnerability, etc. In other words, SMEs provide assumptions which simplify the estimation of the impact probability distribution, i.e., . Selected examples of such assumptions are below:
After the assumptions about the impact probability distribution have been made, it is time to estimate the distribution from the data. The motivation for the modelling approach comes from the fact that data points are rare by design — we don’t want any risks to be actually realized.
In order to decide which measures to choose, an organization estimates how particular risk mitigation measures change the vulnerability profile and . The question is critical because risk reduction does not come for free. By modelling residual risk (the risk remaining after measures are applied), risk managers solve an optimization problem: which measures mitigate the risk to a given risk tolerance level so that costs do not exceed the given budget.
Moreover, should not be ignored. For instance, if hackers become aware of particular mitigation measures, it might decrease the probability of a threat addressing the vulnerability covered by those measures.
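The chain of ideas above (risk as the expected value of impact, the SME assumption that scenarios can be modelled independently, a Bayesian estimate of event frequency when observed events are rare, and the budget-constrained choice of mitigation measures) as one worked example. This is added code, not from the article; all threats, measures, costs and probabilities are constructed, hypothetical numbers.

```python
"""Risk = E[impact]; Bayesian rate estimate; choose measures within a budget."""
from dataclasses import dataclass
from itertools import combinations


@dataclass
class Threat:
    name: str
    prior_alpha: float    # Gamma prior on events/year: shape elicited from SMEs
    prior_beta: float     # Gamma prior rate, i.e. years of "pseudo-evidence"
    observed_events: int  # events actually seen (rare by design)
    observed_years: float
    p_exploit: float      # P(vulnerability is exploited | event occurs)
    mean_impact: float    # expected loss per successful event, USD

    def rate(self) -> float:
        """Posterior mean of events/year (Gamma prior, Poisson likelihood)."""
        return (self.prior_alpha + self.observed_events) / (self.prior_beta + self.observed_years)


@dataclass
class Measure:
    name: str
    cost: float
    effect: dict  # threat name -> multiplicative factor on p_exploit (< 1 reduces)


def expected_annual_loss(threats, measures=()):
    """Risk: expected impacts of independent scenarios add up (SME assumption)."""
    total = 0.0
    for t in threats:
        factor = 1.0
        for m in measures:
            factor *= m.effect.get(t.name, 1.0)
        total += t.rate() * t.p_exploit * factor * t.mean_impact
    return total


def choose_measures(threats, measures, budget):
    """Brute-force the subset of measures within budget that minimises residual risk."""
    best = ((), expected_annual_loss(threats))
    for k in range(1, len(measures) + 1):
        for subset in combinations(measures, k):
            if sum(m.cost for m in subset) <= budget:
                risk = expected_annual_loss(threats, subset)
                if risk < best[1]:
                    best = (subset, risk)
    return best


# Constructed sample inputs (hypothetical numbers for illustration only).
THREATS = [Threat("phishing", 4.0, 2.0, 3, 1.0, 0.2, 50_000),
           Threat("api_breach", 0.5, 5.0, 0, 1.0, 0.5, 2_000_000)]
MEASURES = [Measure("mfa", 20_000, {"phishing": 0.3}),
            Measure("api_gateway", 60_000, {"api_breach": 0.4}),
            Measure("awareness", 10_000, {"phishing": 0.7})]
```

With a budget of 70,000, `choose_measures(THREATS, MEASURES, 70_000)` picks the API gateway plus awareness training, cutting the expected annual loss from about 106,667 to about 49,667; the MFA plus gateway combination reduces risk further but exceeds the budget.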
Cybersecurity risk management is vital for a modern organization. Risk assessment is the cornerstone of the risk management process and distinguishes winners from losers. It has many modelling challenges, and organizations overcome them by applying realistic assumptions to simplify calculations. The risk mitigation strategy is the outcome of the risk modelling exercise, incorporating the costs of the risk reduction activities.
Due to the fast-changing cybersecurity environment, this process is usually semi-automated and active 24/7 with the help of real-time security risk monitoring systems. Implementing and maintaining such a system is an important but challenging task. However, only by moving this way can organizations take their risks under control.
The good news is that the majority of the risks modelling challenges can be addressed with the existing data science and machine learning methods.