Security Posture-Based Incident Forecasting

The frequency and impact of cybersecurity incidents increases every year, with data breaches, often caused by malicious attackers, among the most costly, damaging, and pervasive. Although our ability to quantify this risk for organizations remains frustratingly low, the cyber insurance industry has grown rapidly over the past several years and is expected to continue this growth into the foreseeable future, elevating the importance of developing new techniques for organizational risk assessment. This paper presents a method of utilizing machine learning to conduct security posture-based forecasting which offers certain improvements over current methods of establishing the probability of cybersecurity incidents. Furthermore, we introduce a novel method of building a network configuration-centric feature space while reducing both the data space and the processing cost of this sort of analysis.