Dynamic Risk Assessment in Cybersecurity: A Systematic Literature Review

13Citations
Citations of this article
78Readers
Mendeley users who have this article in their library.

Abstract

Traditional information security risk assessment (RA) methodologies and standards, adopted by information security management systems and frameworks as a foundation stone towards robust environments, face many difficulties in modern environments where the threat landscape changes rapidly and new vulnerabilities are being discovered. In order to overcome this problem, dynamic risk assessment (DRA) models have been proposed to continuously and dynamically assess risks to organisational operations in (near) real time. The aim of this work is to analyse the current state of DRA models that have been proposed for cybersecurity, through a systematic literature review. The screening process led us to study 50 DRA models, categorised based on the respective primary analysis methods they used. The study provides insights into the key characteristics of these models, including the maturity level of the examined models, the domain or application area in which these models flourish, and the information they utilise in order to produce results. The aim of this work is to answer critical research questions regarding the development of dynamic risk assessment methodologies and provide insights on the already developed methods as well as future research directions.

Cite

CITATION STYLE

APA

Cheimonidis, P., & Rantos, K. (2023, October 1). Dynamic Risk Assessment in Cybersecurity: A Systematic Literature Review. Future Internet. Multidisciplinary Digital Publishing Institute (MDPI). https://doi.org/10.3390/fi15100324

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free