| dc.contributor.author | Wangen, Gaute | |
| dc.contributor.author | Shalaginov, Andrii | |
| dc.date.accessioned | 2018-02-12T11:46:59Z | |
| dc.date.available | 2018-02-12T11:46:59Z | |
| dc.date.created | 2016-04-11T16:03:22Z | |
| dc.date.issued | 2016 | |
| dc.identifier.isbn | 978-3-319-31811-0 | |
| dc.identifier.uri | http://hdl.handle.net/11250/2484066 | |
| dc.description.abstract | Achieving the quantitative risk assessment has long been an elusive problem in information security, where the subjective and qualitative assessments dominate. This paper discusses the appropriateness of statistical and quantitative methods for information security risk management. Through case studies, we discuss different types of risks in terms of quantitative risk assessment, grappling with how to obtain distributions of both probability and consequence for the risks. N.N. Taleb’s concepts of the Black Swan and the Four Quadrants provides the foundation for our approach and classification. We apply these concepts to determine where it is appropriate to apply quantitative methods, and where we should exert caution in our predictions. Our primary contribution is a treatise on different types of risk calculations, and a classification of information security threats within the Four Quadrants. | nb_NO |
| dc.language.iso | eng | nb_NO |
| dc.publisher | Springer | nb_NO |
| dc.relation.ispartof | Risks and Security of Internet and Systems: 10th International Conference, CRiSIS 2015, Mytilene, Lesbos Island, Greece, July 20-22, 2015, Revised Selected Papers | |
| dc.title | Quantitative Risk, Statistical Methods and the Four Quadrants for Information Security | nb_NO |
| dc.type | Chapter | nb_NO |
| dc.description.version | acceptedVersion | nb_NO |
| dc.source.pagenumber | 127-143 | nb_NO |
| dc.identifier.doi | 10.1007/978-3-319-31811-0_8 | |
| dc.identifier.cristin | 1349956 | |
| dc.description.localcode | This is a post-peer-review, pre-copyedit version of an article published in [International Conference on Risks and Security of Internet and Systems]. The final authenticated version is available online at: https://link.springer.com/chapter/10.1007%2F978-3-319-31811-0_8 | nb_NO |
| cristin.unitcode | 194,18,21,80 | |
| cristin.unitname | Norwegian Information Security Lab | |
| cristin.ispublished | true | |
| cristin.fulltext | original | |
| cristin.qualitycode | 1 | |
