Find us on
 |
 |
 |
Upcoming Events
 |
My Computer Ate My Data, Changed My Students' Grades and Stole My Money |
Past Programs
 |
Real-Time Crowd Support for People with Disabilities |
 |
Cyber Operations and National Security |
 |
CISO vs. Adversary |
 |
Adventures in SCADA |
Newsletter - Summer/Fall 2010
Organizations of all types (business, academia, government, etc.) are facing risks resulting from their ever-increasing reliance on the information infrastructure. Decision and policy makers managing these risks are challenged by a lack of information concerning the risks and consequences of cyber events and would benefit from an increased understanding of the implications of cyber security risks and solutions related to their information infrastructure and business. The proposed research project supports risk management efforts by studying essential components of risk management investment decisions: (i) what processes support a rational approach to cyber risk management?, (ii) what data are needed to support rational decisions, and (iii) what are the impacts to individual businesses and business sectors resulting from various investment alternatives? Sound, rational decisions require an understanding of IT risks and their impact on business events; this proposal supports these efforts via the development and refinement of decision support tools. To be of maximum utility, these tools require credible data of current and past situations, likely trends, and the impacts of current and past actions. Similarly, understanding the dynamics of cyber security is needed to help business decision makers understand the likely effects of cyber security choices.
