Determination of the end device risk likelihood using the Bayesian network tools

Abstract

All institutions use end devices for information processing which includes sending and receiving on the network. This process helps them to improve their business production as well as perform daily activities at a faster rate. However, the increased usage of end devices by both employees and criminals raises concerns and exposes businesses to a range of cyber risks. End devices can sometimes be used as agents and weapons to expose internal business operations. The vulnerability of the end devices to cyber threats and attacks compromises business data, its safety, and security. This paper determines the risk likelihood of the end devices using the Bayesian network tools. To achieve this, the study illustrates the connections of the end device variables to simulate the risk likelihood and its impact. The analysis and interpretation of the simulation are performed using decision tree analysis (DTA), scenario analysis, and sensitivity analysis techniques (Tornado graphs, conditional probability tables (CPT), and value of information configuration (VOI)). The relationship of the variables is demonstrated on the AgenaRisk package. Results revealed variables that influence the risk probability and its impact.  End device risks can be caused by insiders and cyber criminals. The risks associated with end devices are influenced by the level of security implementation on different levels. The impact of the cyber risks was also accounted for and the concluding remarks were also made.