Comparative Risk Assessment of Cyber Threats Based on Average and Fuzzy Set Theory

Abstract

Applied results of scientific analysis should be the key focus of modern security research. A comparative analysis of research results obtained using different methods, as an applied task, forms a broader basis for interpreting the results and substantiating the conclusions. A social survey and expert opinion research were conducted to implement the general concept of strategic analysis of cybersecurity in Ukraine. Using the method based on determining the average value in a certain set of estimates, as well as the method based on the theory of fuzzy sets, the risks of spreading certain cyber threats in Ukraine were assessed. The results were compared. Although the use of different measurement methods led to some differences in quantitative risk indicators, the comparative analysis of the ratio of the level of different cyber threats did not change significantly. At the same time, the fuzzy set method provided more flexible interpretation of the results to characterize cyber threats in terms of their upward or downward trend. In general, the combined approach to cyber threat risk assessment can become an important risk management tool, as it takes advantage of different methods and allows for a deeper understanding of the current situation and the formation of more informed management decisions.