uu.seUppsala universitets publikasjoner
Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
The MaRiQ model: A quantitative approach to risk management
Uppsala universitet, Teknisk-naturvetenskapliga vetenskapsområdet, Matematisk-datavetenskapliga sektionen, Institutionen för informationsteknologi, Avdelningen för datalogi.
Uppsala universitet, Teknisk-naturvetenskapliga vetenskapsområdet, Matematisk-datavetenskapliga sektionen, Institutionen för informationsteknologi, Datalogi.
2019 (engelsk)Independent thesis Advanced level (professional degree), 20 poäng / 30 hpOppgave
Abstract [en]

In recent years, cyber attacks and data fraud have become major issues to companies, businesses and nation states alike. The need for more accurate and reliable risk management models is therefore substantial.

Today, cybersecurity risk management is often carried out on a qualitative basis, where risks are evaluated to a predefined set of categories such as low, medium or high. This thesis aims to challenge that practice, by presenting a model that quantitatively assesses risks - therefore named MaRiQ (Manage Risks Quantitatively).

MaRiQ was developed based on collected requirements and contemporary literature on quantitative risk management. The model consists of a clearly defined flowchart and a supporting tool created in Excel. To generate scientifically validated results, MaRiQ makes use of a number of statistical techniques and mathematical functions, such as Monte Carlo simulations and probability distributions.

To evaluate whether our developed model really was an improvement compared to current qualitative processes, we conducted a workshop at the end of the project. The organization that tested MaRiQexperienced the model to be useful and that it fulfilled most of their needs.

Our results indicate that risk management within cybersecurity can and should be performed using more quantitative approaches than what is praxis today. Even though there are several potential developments to be made, MaRiQ demonstrates the possible advantages of transitioning from qualitative to quantitative risk management processes.

sted, utgiver, år, opplag, sider
2019. , s. 97
Serie
UPTEC STS, ISSN 1650-8319 ; 19017
Emneord [en]
risk management, cyber security, quantitative risk analysis, Monte Carlo simulations
HSV kategori
Identifikatorer
URN: urn:nbn:se:uu:diva-385257OAI: oai:DiVA.org:uu-385257DiVA, id: diva2:1323684
Eksternt samarbeid
Nixu Cybersecurity
Utdanningsprogram
Systems in Technology and Society Programme
Presentation
2019-06-04, Å64119, Lägerhyddsvägen 1, Uppsala, 13:15 (svensk)
Veileder
Examiner
Tilgjengelig fra: 2019-06-12 Laget: 2019-06-12 Sist oppdatert: 2019-06-12bibliografisk kontrollert

Open Access i DiVA

fulltext(2289 kB)277 nedlastinger
Filinformasjon
Fil FULLTEXT01.pdfFilstørrelse 2289 kBChecksum SHA-512
a2c5201c0e8f4f45d0a62bcf04ef94bbc6bc33764d93bb34cdeb2841343ff9889d8de7ac7ec95f38a00366fb1b2efa115c8420229c9643991f04cef744cd9c13
Type fulltextMimetype application/pdf

Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar
Totalt: 277 nedlastinger
Antall nedlastinger er summen av alle nedlastinger av alle fulltekster. Det kan for eksempel være tidligere versjoner som er ikke lenger tilgjengelige

urn-nbn

Altmetric

urn-nbn
Totalt: 490 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf