Assessing Information Security Risks using Pairwise Weighting

被引：1

作者：

Karlzen, Henrik ^{[1
]}

Bengtsson, Johan ^{[1
]}

Hallberg, Jonas ^{[1
]}

机构：

[1] Swedish Def Res Agcy, Dept Informat Secur & IT Architecture, Olaus Magnus Vag 42, Linkoping, Sweden

来源：

ICISSP: PROCEEDINGS OF THE 3RD INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS SECURITY AND PRIVACY | 2017年

关键词：

Risk Assessments; Pairwise Weighting; Information Security Risk; Cognitive Style; Cognitive Load; COGNITIVE-LOAD;

D O I：

10.5220/0006138203180324

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

In practice, assessing information security risks is difficult since available methods lack specificity on how to perform the assessments as well as what input should be used. Thus, the process becomes resource demanding with fairly large rater-dependency. An established way of facilitating rating processes is to weight objects against each other, rather than rating each object independently on an absolute scale. In this paper, we investigate whether such a method, inspired by the Analytic Hierarchy Process, can be useful for assessing information security risks. However, the new method did not result in higher inter-rater reliability or lower cognitive load. This result was true both for experts and non-experts, as well as among raters with different cognitive styles.

引用

页码：318 / 324

页数：7

共 50 条

[1] Methodology for Assessing Information Security Risks at Oil Refining Enterprises
Luneva, Natalia N.
Levina, Tatiana M.
Evdokimova, Natalia G.
[J]. IMITATION MARKET MODELING IN DIGITAL ECONOMY: GAME THEORETIC APPROACHES, 2022, 368 : 679 - 690
[2] Assessing security risks
Catanese, Joseph
[J]. Waste Age, 2002, 33 (06):
[3] An Intelligent System to Assessing Information Systems Security Risks in Electronic Business
Feng, Nan
Xie, Jing
Chang, Peng
[J]. 2012 INTERNATIONAL SYMPOSIUM ON INFORMATION SCIENCE AND ENGINEERING (ISISE), 2012, : 303 - 306
[4] Assessing Information Security Risks of AMI What Makes it so Difficult?
Tondel, Inger Anne
Line, Maria B.
Johansen, Gorm
[J]. 2015 INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS SECURITY AND PRIVACY (ICISSP), 2015, : 56 - 63
[5] Genre-Based Approach to Assessing Information and Knowledge Security Risks
Padyab, Ali Mohammad
Paivarinta, Tero
Harnesk, Dan
[J]. INTERNATIONAL JOURNAL OF KNOWLEDGE MANAGEMENT, 2014, 10 (02) : 13 - 27
[6] Mathematical Model for Choosing Counterparty When Assessing Information Security Risks
Koltays, Andrey
Konev, Anton
Shelupanov, Alexander
[J]. RISKS, 2021, 9 (07)
[7] Using Prediction Markets to Hedge Information Security Risks
Pandey, Pankaj
Snekkenes, Einar Arthur
[J]. SECURITY AND TRUST MANAGEMENT (STM 2014), 2014, 8743 : 129 - 145
[8] Using Financial Instruments to Transfer the Information Security Risks
Pandey, Pankaj
Snekkenes, Einar
[J]. FUTURE INTERNET, 2016, 8 (02):
[9] Mapping the risks: Assessing the homeland security implications of publicly available geospatial information
Cobb, DA
[J]. GOVERNMENT INFORMATION QUARTERLY, 2005, 22 (03) : 536 - 537
[10] INFORMATION RISKS AND ECONOMIC SECURITY
Okhrimenko, S. A.
Solonenko, O.
[J]. FINANCIAL AND CREDIT ACTIVITY-PROBLEMS OF THEORY AND PRACTICE, 2010, 1 (08): : 200 - 204

← 1 2 3 4 5 →