Security Posture-Based Incident Forecasting

Abstract

The frequency and impact of cybersecurity incidents increases every year, with data breaches, often caused by malicious attackers, among the most costly, damaging, and pervasive. Although our ability to quantify this risk for organizations remains frustratingly low, the cyber insurance industry has grown rapidly over the past several years and is expected to continue this growth into the foreseeable future, elevating the importance of developing new techniques for organizational risk assessment. This paper presents a method of utilizing machine learning to conduct security posture-based forecasting which offers certain improvements over current methods of establishing the probability of cybersecurity incidents. Furthermore, we introduce a novel method of building a network configuration-centric feature space while reducing both the data space and the processing cost of this sort of analysis.

Volume
15
Issue
1
Year
2022
Keywords
Cybersecurity, risk assessment, machine learning, forecasting, predictive analytics
Publications
Variance
Authors
Steven Weber
Ben Goodman
Dagmawi Mulugeta