TY - CHAP
T1 - Quantifying the Impact Propagation of Cyber Attacks Using Business Logic Modeling
AU - Lazrag, Marwan
AU - Kiennert, Christophe
AU - Garcia-Alfaro, Joaquin
N1 - Publisher Copyright:
© The Author(s) 2025.
PY - 2025/1/1
Y1 - 2025/1/1
N2 - Cyber-attacks affect the security properties of critical systems, such as confidentiality, integrity, and availability of crucial business activities. They also affect mission quality and performance. Existing risk assessment tools handling the problem still present some limitations, owing to the difficulty of describing the enterprise infrastructure, such as identifying assets, missions, and their dependencies. Furthermore, little research has been conducted to assess the impact propagation of external events on business entities. In this chapter, we survey existing methods aiming to solve the aforementioned limitations. We focus on two main families: financial and operational impact assessment. The latter aims to specifically assess the impact propagation of cyber-attacks. For instance, cyber-attacks targeting the infrastructure assets and perturbing the execution and performance of the company’s activities. It can also include the evaluation of the financial impact based on former financial assessment methodologies. We also present a concrete operational impact propagation assessment contribution. This contribution extends previous work by enhancing the definition associated to organizational activities that might be impacted by cyber-attacks. It relies on business impact analysis via business logic modeling. It also includes metrics to quantify (i) the impact propagation probability on the business entities, and (ii) critical time (i.e., the time during which the business entity is not be impacted).
AB - Cyber-attacks affect the security properties of critical systems, such as confidentiality, integrity, and availability of crucial business activities. They also affect mission quality and performance. Existing risk assessment tools handling the problem still present some limitations, owing to the difficulty of describing the enterprise infrastructure, such as identifying assets, missions, and their dependencies. Furthermore, little research has been conducted to assess the impact propagation of external events on business entities. In this chapter, we survey existing methods aiming to solve the aforementioned limitations. We focus on two main families: financial and operational impact assessment. The latter aims to specifically assess the impact propagation of cyber-attacks. For instance, cyber-attacks targeting the infrastructure assets and perturbing the execution and performance of the company’s activities. It can also include the evaluation of the financial impact based on former financial assessment methodologies. We also present a concrete operational impact propagation assessment contribution. This contribution extends previous work by enhancing the definition associated to organizational activities that might be impacted by cyber-attacks. It relies on business impact analysis via business logic modeling. It also includes metrics to quantify (i) the impact propagation probability on the business entities, and (ii) critical time (i.e., the time during which the business entity is not be impacted).
KW - Cyber-Attack
KW - Cybersecurity
KW - Impact Assessment
KW - Impact Propagation
KW - Mission Dependency Graph
KW - Resource Dependency Graph
KW - Risk Analysis
U2 - 10.1007/978-3-031-66708-4_3
DO - 10.1007/978-3-031-66708-4_3
M3 - Chapter
AN - SCOPUS:85208125442
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 49
EP - 71
BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
PB - Springer Science and Business Media Deutschland GmbH
ER -