Giovanni Rabitti, Amir Khorrami Chokami, Patrick Coyle, Ruben D Cohen
{"title":"网络风险分类标准。","authors":"Giovanni Rabitti, Amir Khorrami Chokami, Patrick Coyle, Ruben D Cohen","doi":"10.1111/risa.16629","DOIUrl":null,"url":null,"abstract":"<p><p>The field of cyber risks is rapidly expanding, yet significant research remains to be conducted. Numerous taxonomy-based systems have been proposed in both the academic literature and industrial practice to classify cyber risk threats. However, the fragmentation of various approaches has resulted in a plethora of taxonomies, often incongruent with one another. In this study, we undertake a comprehensive review of these alternative taxonomies and offer a common framework for their classification based on their scope. Furthermore, we introduce desirable properties of a taxonomy, which enable comparisons of different taxonomies with the same scope. Finally, we discuss the managerial implications stemming from the utilization of each taxonomy class to support decision-making processes.</p>","PeriodicalId":21472,"journal":{"name":"Risk Analysis","volume":" ","pages":""},"PeriodicalIF":3.0000,"publicationDate":"2024-08-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A taxonomy of cyber risk taxonomies.\",\"authors\":\"Giovanni Rabitti, Amir Khorrami Chokami, Patrick Coyle, Ruben D Cohen\",\"doi\":\"10.1111/risa.16629\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p><p>The field of cyber risks is rapidly expanding, yet significant research remains to be conducted. Numerous taxonomy-based systems have been proposed in both the academic literature and industrial practice to classify cyber risk threats. However, the fragmentation of various approaches has resulted in a plethora of taxonomies, often incongruent with one another. In this study, we undertake a comprehensive review of these alternative taxonomies and offer a common framework for their classification based on their scope. Furthermore, we introduce desirable properties of a taxonomy, which enable comparisons of different taxonomies with the same scope. Finally, we discuss the managerial implications stemming from the utilization of each taxonomy class to support decision-making processes.</p>\",\"PeriodicalId\":21472,\"journal\":{\"name\":\"Risk Analysis\",\"volume\":\" \",\"pages\":\"\"},\"PeriodicalIF\":3.0000,\"publicationDate\":\"2024-08-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Risk Analysis\",\"FirstCategoryId\":\"3\",\"ListUrlMain\":\"https://doi.org/10.1111/risa.16629\",\"RegionNum\":3,\"RegionCategory\":\"医学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"MATHEMATICS, INTERDISCIPLINARY APPLICATIONS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Risk Analysis","FirstCategoryId":"3","ListUrlMain":"https://doi.org/10.1111/risa.16629","RegionNum":3,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"MATHEMATICS, INTERDISCIPLINARY APPLICATIONS","Score":null,"Total":0}
The field of cyber risks is rapidly expanding, yet significant research remains to be conducted. Numerous taxonomy-based systems have been proposed in both the academic literature and industrial practice to classify cyber risk threats. However, the fragmentation of various approaches has resulted in a plethora of taxonomies, often incongruent with one another. In this study, we undertake a comprehensive review of these alternative taxonomies and offer a common framework for their classification based on their scope. Furthermore, we introduce desirable properties of a taxonomy, which enable comparisons of different taxonomies with the same scope. Finally, we discuss the managerial implications stemming from the utilization of each taxonomy class to support decision-making processes.
期刊介绍:
Published on behalf of the Society for Risk Analysis, Risk Analysis is ranked among the top 10 journals in the ISI Journal Citation Reports under the social sciences, mathematical methods category, and provides a focal point for new developments in the field of risk analysis. This international peer-reviewed journal is committed to publishing critical empirical research and commentaries dealing with risk issues. The topics covered include:
• Human health and safety risks
• Microbial risks
• Engineering
• Mathematical modeling
• Risk characterization
• Risk communication
• Risk management and decision-making
• Risk perception, acceptability, and ethics
• Laws and regulatory policy
• Ecological risks.