Teaching case study: introducing quantitative risk assessments in a cybersecurity risk management course
Journal of Computing Sciences in Colleges(2022)
Abstract
Despite the recent development of rigorous quantitative approaches for cybersecurity risk assessment, much of the focus in the pedagogical materials remains on teaching qualitative and semi-quantitative assessment approaches. To help fill this gap, this paper provides a scenario-based teaching case that introduces students in a Cybersecurity Risk Management course to FAIR; an advanced quantitative framework for risk assessment. The case study utilizes a fictitious company, for which a risk assessment is underway, and requires the students to use the FAIR framework to determine the risk exposure that the company faces from a threat scenario against one of its mission-critical information resources.
MoreTranslated text
AI Read Science
Must-Reading Tree
Example
Generate MRT to find the research sequence of this paper
Chat Paper
Summary is being generated by the instructions you defined