Baldwin, Adrian, Gheyas, Iffat, Ioannidis, Christos, Pym, David and Willams, Julian (2017). Contagion in cybersecurity attacks. Journal of the Operational Research Society, 68 (7), pp. 780-791.
Abstract
Systems security is essential for the efficient operation of all organizations. Indeed, most large firms employ a designated ‘Chief Information Security Officer’ to coordinate the operational aspects of the organization’s information security. Part of this role is in planning investment responses to information security threats against the firm’s corporate network infrastructure. To this end, we develop and estimate a vector equation system of threats to 10 important IP services, using industry standard SANS data on threats to various components of a firm’s information system over the period January 2003 – February 2011. Our results reveal strong evidence of contagion between such attacks, with attacks on ssh and Secure Web Server indicating increased attack activity on other ports. Security managers who ignore such contagious inter-relationships may underestimate the underlying risk to their systems’ defence of security attributes, such as sensitivity and criticality, and thus delay appropriate information security investments.
Publication DOI: | https://doi.org/10.1057/jors.2016.37 |
---|---|
Divisions: | College of Business and Social Sciences > Aston Business School > Economics, Finance & Entrepreneurship College of Business and Social Sciences > Aston Business School |
Additional Information: | The final publication is available at Springer via http://dx.doi.org/10.1057/jors.2016.37 |
Uncontrolled Keywords: | jumps,contagion,Hawkes process,self- and mutually exciting processes |
Publication ISSN: | 1476-9360 |
Last Modified: | 13 Nov 2024 08:08 |
Date Deposited: | 07 Dec 2016 10:25 | PURE Output Type: | Article |
Published Date: | 2017-07 |
Published Online Date: | 2017-03-09 |
Accepted Date: | 2016-04-26 |
Authors: |
Baldwin, Adrian
Gheyas, Iffat Ioannidis, Christos Pym, David Willams, Julian |