ScienceDirect
Available online at www.sciencedirect.com
Procedia Manufacturing 44 (2020) 655662
2351-9789 2020 The Authors. Published by Elsevier B.V.
This is an open access article under the (http://creativecommons..0/)
Peer-review under responsibility of the scientific committee of the 1st International Conference on Optimization-Driven Architectural Design
10.1016/j.promfg.2020.02.243
2020 The Authors. Published by Elsevier B.V.
This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Peer-review under responsibility of the scientific committee of the 1st International Conference on Optimization-Driven
Architectural Design
Available online at www.sciencedirect.com
ScienceDirect
Procedia Manufacturing 00 (2019) 000000
www.elsevier.com/locate/procedia
2351-9789 2019 The Authors. Published by Elsevier B.V.
This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Peer-review under responsibility of the scientific committee of the 1st International Conference on Optimization-Driven Architectural Design
1st International Conference on Optimization-Driven Architectural Design (OPTARCH 2019)
Risk based approach in scope of cybersecurity threats and
requirements
Romuald Hoffmann a,*, Jarosaw Napirkowskia
, Tomasz Protasowickia
, Jerzy Stanika
a Institute of Computer and Information, Systems, Faculty of Cybernetics, Military University of Technology, ul. gen. Sylwestra Kaliskiego 2,
00-908 Warsaw 46, Poland
Abstract
Paper is focused on theoretical and practical considerations related to risk management and cyber security based on the cyber kill
chain concept introduced by Lockheed Martin. Proposed approach of cyber risk management embedded on the cyber kill chain is
new and not reflected in the available literature. Proposed risk management process of identifying, analyzing, evaluating,
assessing and ultimately responding to cyber threats and monitoring risks in each stage of the cyber kill chain is the heart of
proposed approach. The approach may be used in organizations which are going to implement security mechanisms to align with
the in-force requirements or to reduce cyber risks to accepted level. The process of the risk assessment introduced by the authors
follows with the description of the example risk evaluation method based on a continuous-time Markov chain as a model of the
cyber kill chain.
2019 The Authors. Published by Elsevier B.V.
This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Peer-review under responsibility of the scientific committee of the 1st International Conference on Optimization-Driven
Architectural Design
Keywords: Cyber risk management; Cyber Kill Chain; Cybersecurity; Continuous-time Markov chain
1. Introduction
Like never before our world is being changed very rapidly by modern information and communication
technologies (ICT). Modern ICT has allowed almost unlimited business opportunities. This is mainly due to the
* Corresponding author. Tel.: +48-261-839-504; fax: +48-261-837-858.
E-mail address: [email protected]
Available online at www.sciencedirect.com
ScienceDirect
Procedia Manufacturing 00 (2019) 000000
www.elsevier.com/locate/procedia
2351-9789 2019 The Authors. Published by Elsevier B.V.
This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Peer-review under responsibility of the scientific committee of the 1st International Conference on Optimization-Driven Architectural Design
1st International Conference on Optimization-Driven Architectural Design (OPTARCH 2019)
Risk based approach in scope of cybersecurity threats and
requirements
Romuald Hoffmann a,*, Jarosaw Napirkowskia
, Tomasz Protasowickia
, Jerzy Stanika
a Institute of Computer and Information, Systems, Faculty of Cybernetics, Military University of Technology, ul. gen. Sylwestra Kaliskiego 2,
00-908 Warsaw 46, Poland
Abstract
Paper is focused on theoretical and practical considerations related to risk management and cyber security based on the cyber kill
chain concept introduced by Lockheed Martin. Proposed approach of cyber risk management embedded on the cyber kill chain is
new and not reflected in the available literature. Proposed risk management process of identifying, analyzing, evaluating,
assessing and ultimately responding to cyber threats and monitoring risks in each stage of the cyber kill chain is the heart of
proposed approach. The approach may be used in organizations which are going to implement security mechanisms to align with
the in-force requirements or to reduce cyber risks to accepted level. The process of the risk assessment introduced by the authors
follows with the description of the example risk evaluation method based on a continuous-time Markov chain as a model of the
cyber kill chain.
2019 The Authors. Published by Elsevier B.V.
This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Peer-review under responsibility of the scientific committee of the 1st International Conference on Optimization-Driven
Architectural Design
Keywords: Cyber risk management; Cyber Kill Chain; Cybersecurity; Continuous-time Markov chain
1. Introduction
Like never before our world is being changed very rapidly by modern information and communication
technologies (ICT). Modern ICT has allowed almost unlimited business opportunities. This is mainly due to the
* Corresponding author. Tel.: +48-261-839-504; fax: +48-261-837-858.
E-mail address: [email protected]
656 Romuald Hoffmann et al. / Procedia Manufacturing 44 (2020) 655662 2 R. Hoffmann et al. / Procedia Manufacturing 00 (2019) 000000
universal access to information, the rapidly growing number of connections and interdependencies between
organizations and their ICT systems, as well as the popularization of mobile technologies. One can observe that the
technical boundaries between organizations and their clients are blurring quickly. Despite the many business
advantages of this state of affairs, this is also a weakness from the point of view of cyber security it is the main
vulnerability exploited by cyber-criminals. Both the scale and the nature of the observed cyber-attacks show that
attackers consciously and reasonably use the huge interdependence between organizations and the availability of
new technologies, as well as the lack of effective control over their access.
The reality of information and data exchange is subject to profound changes that occur almost imperceptibly, but
constantly. These changes mean that we will have to look at issues such as privacy, data protection and security in a
completely new, fresh way and adapt our activities to the new cyber reality. The dynamics of changes in the
environment of organizations means that in order to maintain business continuity, the organizations need a different
perspective on the issue of business risk in the cyberspace. Therefore, assuming that every organization was, is or
will be attacked by cyber adversaries (e.g. criminals, terrorists, hacktivists) we propose the idea of approach to cyber
risk management based on the cyber kill chain concept introduced by Lockheed Martin and published in [1], [2]. The
approach to cyber risk analysis presented in this article has not yet been published in the literature.
2. Information security and definition of cybersecurity
In today’s networked world, information/data can be sent, shared and stored in many forms, both digital and
physical. Therefore, information security includes the protection of such information and technical methods of
transmission, sharing and storage. In most cases, information security focuses mainly on the triad of confidentiality,
integrity and availability (CIA) of data and information. The confidentiality refers to the situation in which
information/data is viewed only by parties with the appropriate authorization and is considered in relation to the
concept of the least privilege, in which each person has only the absolutely required permissions. The integrity
means that the data is protected against false changes or damage during transmission and storage. Finally, the
availability is a guarantee that the data is available to users with reasonable permission whenever they are needed,
i.e. without service disruptions and unnecessary downtime. This triad CIA focuses on the security of the data itself
and the IT systems involved in data processing.
Based on the CIA triad, modern cyber security uses a variety of technical tools, best practice approaches, risk
management principles and concepts to protect information (data), ICT systems and their users against all forms of
digital and physical damage, and consequently financial losses caused by data breach at any means. This is reflected
in the following definitions of cybersecurity most often cited in the literature.
The International Organization for Standardization, in the document ISO/IEC 27032:2012 titled “Information
technology – Security techniques – Guidelines for cybersecurity”, defines “cybersecurity” or “cyberspace security” as
“the preservation of confidentiality, integrity and availability of information in the Cyberspace”. And the
cyberspace is defined as the complex environment resulting from the interaction of people, software and services
on the Internet by means of technology devices and networks connected to it, which does not exist in any physical
form [3]. The National Institute of Standards and Technology (NIST) defines cybersecurity as “the process of
protecting information by preventing, detecting, and responding to attacks” or “the prevention of damage to,
unauthorized use of, exploitation of, andif neededthe restoration of electronic information and communications
systems, and the information they contain, in order to strengthen the confidentiality, integrity and availability of
these systems” [4]. The Committee on National Security Systems (CNSSI 4009 – 2015) defines cybersecurity as
“prevention of damage to, protection of, and restoration of computers, electronic communications systems,
electronic communications services, wire communication, and electronic communication, including information
contained therein, to ensure its availability, integrity, authentication, confidentiality, and nonrepudiation” [5].
Thus, we can conclude from the above definitions that the main requirements of cyber security are
confidentiality, integrity and availability of information and data.
Romuald Hoffmann et al. / Procedia Manufacturing 44 (2020) 655662 657 R. Hoffmann et al. / Procedia Manufacturing 00 (2019) 000000 3
3. Cyber risk management process and cyber actors – threats vulnerabilities – consequences
The cyber risk management process is an ongoing process, which should take the form of an ordered sequence of
subsequent events, activities, decisions that result in the organization’s cybersecurity [6]. Therefore, identifying
potential cyber risk is a key task to avoid surprise, such as a cyber crisis. We should be aware of the fact that in
order to successfully deal with risk analysis, it is crucial to know cyber actors, threats, vulnerabilities and to
understand the nature of cyber-attack processes and define this risk as precisely as possible, by identifying its
causes, scope, limits and the type of potential threats that may affect achieving the goals set by the entity. The
overall relationship between the various categories of cyber actors, threats, vulnerabilities, and their impact on
information and data, with further consequences is shown in Fig. 1. Until now, the catalog of cyber threats contains
at least: malware, web-based attacks, web application attacks, phishing, denial of service, spam, botnets, data
breaches, insider threat, physical manipulation, information damage/theft/loss, information leakage, identity theft,
crypto jacking, ransomware, cyber espionage, backdoors, information leakage, exploit kits [7].
Government
driven
Terrorism
Corporate
esponage
Criminal
Hactivist
Nature
Legislation
People
Organizational
Structures
Processes
Technical
Phisical
National
Security
Environment
Life & Health
Economy
Reputation
Assests
Confidentiality
Integrity
Availability
Malware,
Web-Based Attacks,
Web Application
Attacks, Phishing,
Denial of Service,
Spam, Botnets,
Data Breaches,
Insider Threat,
Physical
Manipulation,
Information Damage/
Theft/Loss,
Information Leakage,
Identity Theft,
Crypto Jacking,
Ransomware,
Cyber Espionage,
Backdoors,
Information Leakage,
Exploit Kits
Fig. 1. Threats and vulnerabilities affect cybersecurity.
Fig. 2. Model of the risk management process in an organization [6].
658 Romuald Hoffmann et al. / Procedia Manufacturing 44 (2020) 655662 4 R. Hoffmann et al. / Procedia Manufacturing 00 (2019) 000000
As shown in Fig. 2 [6], we perceive the risk management process referring to the cyber security of an
organization as being iterative. The iterative approach to the cyber risk assessment process may be in the form of
increasing the level of details of each iteration or stopping the process – after each stage, there are decision points
(continue, end, return). We should realize that the risk assessment, including the risk analysis, is a fundamental
element of the risk management system in the organization, since during the risk assessment process we obtain the
information indispensable to make right decisions concerning the strategy of handling the risk, efficient choice of
the risk reduction measures, assessment of the transfer validity, acceptance or avoidance of the risk [6]. Once the
risk has been identified, estimated and assessed, the management of the organization is expected undertake the right
strategies to mitigate the risks. The strategies should include activities relating to the risks as follows: reducing,
transferring, accepting, and avoiding the cyber-attacks.
4. Cyber kill chain
Despite the fact how often people talk and write about cyber-attacks, even today many organizations and people
perceive a cyber-attack as an event that can hardly be resisted. However, in reality, a cyber-attack does not last a
short while, but is a process, i.e. a set of activities that must be performed in the right order and which have their
duration and place. These activities are combined into logical groups and are executed in stages, thus creating a
cyber-attack process which has usually a finite duration. The cyber-attack processes which are divided into phases
can be named cyber kill chains [2] or cyber-attack life cycles [8]. In other words, cyberattacks life cycles are
practical models to describe cyberattacks that consist of different intrusion stages related to network security and
information system security. In research literature cyber-attack life cycles and their phases are variously named,
defined and described. For instance, according to [9] the cycle consists of five stages: reconnaissance, scanning,
system access, malicious activity and exploitation. In [2] the cyber-attack process is named as the intrusion kill
chain and defined as the sequence of seven stages: reconnaissance, weaponization, delivery, exploitation,
installation, command and control (C2), actions on objectives. This chain is also described by many researchers, e.g.
in [10], [11]. Other researchers [12] point out six stages: reconnaissance, weaponization, delivery, exploitation,
installation, C2, objective achievement. These authors indicate that an attack on critical infrastructure should be
considered as a sequence of six phases: reconnaissance, weaponization, delivery, cyber execution, control
perturbation, physical objective realization. In cyber security papers, the cyber kill chain proposed in [1], [2] is a
very popular conceptual model usually describing cyber-attack processes, e.g. [7]. In this paper cyber kill chain is
understood as in [2], [8].
5. Risk management process based on cyber kill chain proposition
It is publicly known that modern cyber-attacks are becoming more frequent and more sophisticated [13] than in
the past, and their broad range of impact on business force us to reflect that none of nowadays organizations can
afford a casual approach to cyber risk management. The approach to protecting key resources, which has been used
for years, based on the detection and neutralization of cyber threats during or after their occurrence, and on the
improvement of security processes based on the conclusions of the threat analysis, ceased to be effective. The scale
of potential losses in organizations strongly dependent on information technologies can be so significant that they
will not have a chance to learn from their mistakes – they will not exist anymore as a result of an effective cyberattack. Cyber criminals and cyberterrorists know it very well. In this context one can notice that most dangerous
cyber-attacks have multi-stage nature with many attack vectors, and together with technological progress become
more and more complex, cover various elements and levels of the attacked organizations. Contrary to the general
outlook, such cyber-attacks are not short-lived processes at all. The recognition of advanced cyber-attacks and
intrusions are multistage, and occurs over periods of months, or even years. Therefore, the risk management process
should be based (“be woven”) on a cyber-attack life cycle. To illustrate our approach, we have chosen the cyber kill
chain model developed initially by Lockheed Martin [1].
Romuald Hoffmann et al. / Procedia Manufacturing 44 (2020) 655662 659 R. Hoffmann et al. / Procedia Manufacturing 00 (2019) 000000 5
Reconnaissance Weaponization Delivery
Command &
Control
(C2)
Exploitation Installation Actions on
Objectives
External & internal
Asset,
Threat,
Vulnerability
Threat scenario,
Consequence &
Likelihood analysis
Risk selection,
Risk ranging,
Risk level
determination
Attack/Defense,
Mitigation action,
Implementation
strategies
24/7 Action,
Monitoring &
Review
External & internal
Asset,
Threat,
Vulnerability
Consequence &
Likelihood analysis
Risk selection,
Risk ranging,
Risk level
determination
Attack/Defense,
Mitigation action,
Implementation
strategies
24/7 Action,
Monitoring &
Review
Internal
Asset,
Threat,
Vulnerability
Threat scenario,
Consequence &
Likelihood analysis
Risk selection,
Risk ranging,
Risk level
determination
Defense
Mitigation action,
Implementation
strategies
24/7 Action,
Monitoring &
Review
External & internal
Asset,
Threat,
Vulnerability
Threat scenario,
Consequence &
Likelihood analysis
Risk selection,
Risk ranging,
Risk level
determination
Defense
Mitigation action,
Implementation
strategies
24/7 Action,
Monitoring &
Review
External
Threat
Threat scenario
Risk selection,
Risk ranging
Mitigation action, if
it is possible
Monitoring if it is
possible
External
Asset,
Threat
Threat scenario
Risk ranging
Mitigation action
Monitoring &
Review
External & internal
Asset,
Threat
Threat scenario,
Consequence &
Likelihood analysis
Risk selection,
Risk ranging,
Risk level
determination
Attack/Defense,
Mitigation action,
Implementation
strategies
24/7 Action,
Monitoring &
Review
Establishing
the Context
Risk
Identification
Risk
Estimation
Risk
Assessment
Risk
Treatment
Action, Monitoring
& Review
Fig. 3. Risk management process built on the Lockheed Martin cyber kill chain.
Observing the scale and rate of the change of cyber threats [13], [14], [15] it can be assumed that every
organization has been, is and will be attacked. In this paper, based on reports of ENISA [7], we assume that each
cyber-attack can be described by the cyber kill chain. In our approach, the risk management process should
continuously apply for each stage of the cyber kill chain as it is described in Fig. 3.
Proposed cyber risk management process of identifying, analyzing, evaluating, assessing and ultimately
responding to cyber threats and monitoring risks in each stage of the cyber kill chain is the heart of our approach.
Appling the risk analysis on the kill chain across an entire organization, looking at both upside and downside risk,
and considering risk in the context of strategy is what differentiates from traditional cyber risk management used so
far, e.g. in [16]. The risk assessment steps (context, identification, evaluation, assessment) finally form the basis for
decision-making about priorities of the risks, the appropriate responses which should be taken, and the allocation of
organizations resources to manage the risks in order to support the organizations strategy in best way. The cyber
risk treatment involves deciding on and planning for the best way to react on cyber threats and implementing a
defense plan. Monitoring and reviewing of the status of cyber risks and their management, and communication and
consultation with stakeholders take place throughout the risk management process in order to take the best action at
right moment against the cyber risks.
Traditional risk assessment quantifies risk as the product of the probability of an undesirable event leading to
specific consequences and a measure of the negative impact on the organization due to this undesirable event
(probabilistic risk assessment) [17] or as a triplet of threat, vulnerability, and consequences [18]. In this article we
use probabilistic risk assessment to quantify cyber risks. To do this, we should first calculate the probability of each
phase of the cyber kill chain, which can be determined using following Markov model of the cyber kill chain with
iterations proposed in [8].
6. Probabilistic risk assessment based on the Markov model of cyber kill chain – illustration
In mathematical terms, the process describing the dynamics of cyber-attack behavior can be modeled as a
continuous time Markov chain (CTMC) with discrete state space [8]. The basic states
of the stochastic process are relevant stages of considered cyber kill chain (see Fig. 4). We assume that
behavior of the cyber kill chain fulfils Markov property, and the stages of the cyber kill chain are understood as in
[2], [8]. We assume that transition rates between the states are unchanging over the time, and the transition rate
660 Romuald Hoffmann et al. / Procedia Manufacturing 44 (2020) 655662 6 R. Hoffmann et al. / Procedia Manufacturing 00 (2019) 000000
matrix Q are known. Thus, basis on the above assumptions, the cyber kill chain can be modelled with using
homogeneous CTMC. The Markov chain can be analyzed by forming and solving Kolmogorov differential
equations:
dt
(1)
with the generating matrix Q and the initial condition 0 00, where ,
0 ( ).
The generating matrix Q has entries that are the rates at which the process jumps from state to state. These
entries are defined by
|
for all , and
.
Reconnaissance
S1
Weaponization
S2
Delivery
S3
Exploitation
S4
Installation
S5
Command &
Control (C2)
S6
Actions on
Objectives
S7
12 23 34 45 56 67
13
31
41
51
61
71
Fig. 4. State transition diagram for the cyber kill chain [8].
As we mentioned earlier, we can calculate risk traditionally as a product of likelihood of threats and their
impacts on the assets of an organizations. To illustrate our approach simply lets assume that is a
vector of monetary values of the organizations assets calculated at each stage of the cyber kill chain. Then, risk
score represented as can be calculated using the following equation:
(2)
In the introduction to this article we state that organizations were, are and will be attacked by cyber adversaries.
It means the cycle of attacks are repeated over the time. So, lets assume, like in [8], that cyber-attacks pass
sequentially through the stages from reconnaissance to action on objectives with a possibility of skipping only
one stage: weaponization. Lets assume additionally that the cyber-attack phases may be stopped, abandoned or
ended during any stage from delivery to action on objectives at any time. This situation is illustrated in Fig. 4 by
the direct graph with the state transitions of the given matrix Q for the Markov process modelling the cyber kill
chain with permanent cyber-attacks. The case of stopping, abandoning or ending an iteration of the cyber-attack
corresponds to the transitions from S3, S4, , or S7 to S1. Thus, the matrix Q is as follows:
0000
0 0000
0 000
0 0 0 0
0 0 0 0
0 0 0 0
0 0 0 0 0
(3)
For the process 0 with given matrix (3) we can calculate steady state probabilities. Let
Romuald Hoffmann et al. / Procedia Manufacturing 44 (2020) 655662 661 R. Hoffmann et al. / Procedia Manufacturing 00 (2019) 000000 7
be a stationary probability distribution where
Thus, if lim then lim
.
The system of Kolmogorov differential equations (1) with the matrix (3) for takes the form of the system of
linear equations due to . The steady state probabilities , , , can be obtained by solving the set of seven
equations given by six of the seven equations from and with the seventh equation
It is important to notice that we obtain vector of steady state probabilities as numbers which can help us to
calculate the risk score
given by equation (2) as follows
(4)
Let consider two examples of calculation of , , [8]. Firstly, we assume for simplicity that all non-zero
transition rates are equal to given , i.e. , , , and ,. Thus, we obtain steady
state probabilities as the vector of numbers
,
,
,
,
,
,
. Then
.
The second example. If the transition rates are , , ,
, , , then
,
,
,
,
,
,
. Thus risk score is as
follows:
.
In order to calculate risks at each stage of the cyber kill chain the stochastic model has to be parameterized.
Choosing the ijs, i.e. the expected time to succeed with cyber-attack stage given they are pursued, remains a
challenge. The most popular and straight-forward solution is to ask experts in cyber security domain assess the rates
ij and to base on their opinion, or to analyze existed empirical data, or a combination of both. The best way to
assess Markov transition rates would be on empirical findings from research of real network behaviors and activities
of ICT system users and threat actors, including e.g. browsing, downloads, installations, etc. Unfortunately, little
data are publicly available which can be used to estimate the likelihood of specific cyber threats [19]. It should be
mentioned that the process of assessing the rates ij is crucial, but it is not the primary focus of this article.
7. Conclusion
The leaders of cybersecurity will be those organizations which will not only be able to proactively respond to
cyber threats but will be able to anticipate and prevent them by using the principles of cyber risk management based
on above proposed approach. We believe that our proposal allows various organizations:
applying the principles of traditional risk-based approach, which is well known among business organizations,
and cybersecurity based on cyber kill chain approach,
good understanding of cyber risk appetite and cyber threat profile,
effectively preparing the organization for quick response to cyber incidents,
allowing the organization to survive the inevitable cyber-attack,
adjusting coherently the operating strategy in the cyberspace to the organization’s business goals,
continuous education, exercises and improvement to build the readiness of the organization to manage the
upcoming attacks,
strengthen cooperation with business partners and government and non-government institutions (e.g ENISA),
facilitating the acquisition of information and learning from the experience of others.
In our opinion, an important aspect of proposed approach is the application of principles of a risk-based approach
with cyber kill chain concept, continuous monitoring [20] [21] and acquisition of information both around the world
– that is, on the market and geopolitical arena, and locally – that is, within an organization and its infrastructure. The
risk assessment will be complete only if, on the one hand, it focuses on the details, and on the other hand, it is put in
the context of other collected information. Although assessing cyber risk applied as the product of the likelihood of
an adverse event at each stage of the cyber kill chain and the negative impacts may seem challenging, it can be
662 Romuald Hoffmann et al. / Procedia Manufacturing 44 (2020) 655662 8 R. Hoffmann et al. / Procedia Manufacturing 00 (2019) 000000
practically done by combining the knowledge of cyber security experts with analysis of existing data collected in the
organization.
In the authors opinion the proposed risk-based approach taking together with the cyber kill chain is a forwardlooking concept that will combine various laws, standards, regulations and good practices regarding information
processing, information exchange and data protection, including personal data.
References
[1] M. Cloppert, Security Intelligence: Attacking the Kill Chain, http://computer-forensics.sans.org/blog/2009/10/14/security-intelligenceattacking-the-kill-chain/ (2009)
[2] E. M. Hutchins, M. J. Cloppert, R. M. Amin, Intelligence-driven computer network defense informed by analysis of adversary campaigns and
intrusion kill chains, Leading Issues in Information Warfare and Security Research, 1, Academic Publishing International Ltd, Reading, UK
(2011) 78-104.
[3] http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=44375 (access November 2019)
[4] https://csrc.nist.gov/glossary/term/cybersecurity (access November 2019).
[5] CNSSI 4009: Committee on National Security Systems (CNSS) Glossary, http://www.cnss.gov/cnss/issuances/Instructions.cfm (2015)
(access November 2019).
[6] R. Hoffmann, M. Kiedrowicz, J. Stanik, Risk management system as the basic paradigm of the information security management system in an
organization, https://doi.org/10.1051/matecconf/20167604010, MATEC Web of Conferences 76, 04010 (2016).
[7] ENISA, ENISA Threat Landscape Report 2018, https://www.enisa.europa. (2019) (access
November 2019).
[8] R. Hoffmann, Markov Models of Cyber Kill Chains with Iterations, DOI: 10.1109/ICMCIS.2019.8842810, 2019 International Conference on
Military Communications and Information Systems (ICMCIS) (2019).
[9] K. G. J. Coleman, Aggression in Cyberspace, Conflict and Cooperation in the Global Commons: A Comprehensive Approach for
International Security, Georgetown University Press, Washington DC, (2012) 105-119.
[10] M. S. Khan, S. Siddiqui, K. Ferens, A Cognitive and Concurrent Cyber Kill Chain Model, Computer and Network Security Essentials,
Springer, Cham, Switzerland (2018) 585-602.
[11] Khan M. S., Siddiqui S., and Ferens K.: A Cognitive and Concurrent Cyber Kill Chain Model. In: Daimi K., (ed.) Computer and Network
Security Essentials, pp. 585-602. Springer, Cham, Switzerland (2018).
[12] A. Hahn, R.K. Thomas, I. Lozano, A. Cardenas, A multi-layered and kill-chain based security analysis framework for cyber-physical
systems, International Journal of Critical Infrastructure Protection, 11, (2015) 39-50.
[13] McAfee, McAfee Labs Threats Report. August 2019, https://www.mcafee.com/enterprise/en-us.pdf (2019) (access November 2019).
[14] https://www.fireeye.com/cyber-map/threat-map.html (access November 2019).
[15] https://threatmap.checkpoint.com (access November 2019).
[16] A. Refsdal, B. Solhaug, K. Stlen, Cyber-Risk Management, Springer Briefs in Computer Science, Springer (2015).
[17] W. Keller, M. Modarres, A historical overview of probabilistic risk assessment development and its use in the nuclear power industry: A
tribute to the late Professor Norman Carl Rasmussen, Reliability Engineering & System Safety, 89(3) (2005), 271285.
[18] S. Kaplan, B. J. Garrick, On the quantitative definition of risk, Risk Analysis, 1(1) (1981), 1127
[19] Z.A. Collier, D. DiMase, S. Walters, M. M, Tehranipoor, J.H. Lambert, I. Linkov, Cybersecurity standards: Managing risk and creating
resilience. Computer, 47(9) (2014) 7076.
[20] T. Yadav, A. M. Rao, Technical Aspects of Cyber Kill Chain, International Symposium on Security in Computing and Communication
SSCC 2015, CCIS 536 (2015) 438-452.
[21] E. Jonsson, L. Pirzadeh, A framework for security metrics based on operational system attributes, Proceedings 3rd International Workshop
on Security Measurements and Metrics (Metrisec 2011), (2011) 5865.
Are you busy and do not have time to handle your assignment? Are you scared that your paper will not make the grade? Do you have responsibilities that may hinder you from turning in your assignment on time? Are you tired and can barely handle your assignment? Are your grades inconsistent?
Whichever your reason is, it is valid! You can get professional academic help from our service at affordable rates. We have a team of professional academic writers who can handle all your assignments.
Students barely have time to read. We got you! Have your literature essay or book review written without having the hassle of reading the book. You can get your literature paper custom-written for you by our literature specialists.
Do you struggle with finance? No need to torture yourself if finance is not your cup of tea. You can order your finance paper from our academic writing service and get 100% original work from competent finance experts.
Computer science is a tough subject. Fortunately, our computer science experts are up to the match. No need to stress and have sleepless nights. Our academic writers will tackle all your computer science assignments and deliver them on time. Let us handle all your python, java, ruby, JavaScript, php , C+ assignments!
While psychology may be an interesting subject, you may lack sufficient time to handle your assignments. Don’t despair; by using our academic writing service, you can be assured of perfect grades. Moreover, your grades will be consistent.
Engineering is quite a demanding subject. Students face a lot of pressure and barely have enough time to do what they love to do. Our academic writing service got you covered! Our engineering specialists follow the paper instructions and ensure timely delivery of the paper.
In the nursing course, you may have difficulties with literature reviews, annotated bibliographies, critical essays, and other assignments. Our nursing assignment writers will offer you professional nursing paper help at low prices.
Truth be told, sociology papers can be quite exhausting. Our academic writing service relieves you of fatigue, pressure, and stress. You can relax and have peace of mind as our academic writers handle your sociology assignment.
We take pride in having some of the best business writers in the industry. Our business writers have a lot of experience in the field. They are reliable, and you can be assured of a high-grade paper. They are able to handle business papers of any subject, length, deadline, and difficulty!
We boast of having some of the most experienced statistics experts in the industry. Our statistics experts have diverse skills, expertise, and knowledge to handle any kind of assignment. They have access to all kinds of software to get your assignment done.
Writing a law essay may prove to be an insurmountable obstacle, especially when you need to know the peculiarities of the legislative framework. Take advantage of our top-notch law specialists and get superb grades and 100% satisfaction.
We have highlighted some of the most popular subjects we handle above. Those are just a tip of the iceberg. We deal in all academic disciplines since our writers are as diverse. They have been drawn from across all disciplines, and orders are assigned to those writers believed to be the best in the field. In a nutshell, there is no task we cannot handle; all you need to do is place your order with us. As long as your instructions are clear, just trust we shall deliver irrespective of the discipline.
Our essay writers are graduates with bachelor's, masters, Ph.D., and doctorate degrees in various subjects. The minimum requirement to be an essay writer with our essay writing service is to have a college degree. All our academic writers have a minimum of two years of academic writing. We have a stringent recruitment process to ensure that we get only the most competent essay writers in the industry. We also ensure that the writers are handsomely compensated for their value. The majority of our writers are native English speakers. As such, the fluency of language and grammar is impeccable.
There is a very low likelihood that you won’t like the paper.
Not at all. All papers are written from scratch. There is no way your tutor or instructor will realize that you did not write the paper yourself. In fact, we recommend using our assignment help services for consistent results.
We check all papers for plagiarism before we submit them. We use powerful plagiarism checking software such as SafeAssign, LopesWrite, and Turnitin. We also upload the plagiarism report so that you can review it. We understand that plagiarism is academic suicide. We would not take the risk of submitting plagiarized work and jeopardize your academic journey. Furthermore, we do not sell or use prewritten papers, and each paper is written from scratch.
You determine when you get the paper by setting the deadline when placing the order. All papers are delivered within the deadline. We are well aware that we operate in a time-sensitive industry. As such, we have laid out strategies to ensure that the client receives the paper on time and they never miss the deadline. We understand that papers that are submitted late have some points deducted. We do not want you to miss any points due to late submission. We work on beating deadlines by huge margins in order to ensure that you have ample time to review the paper before you submit it.
We have a privacy and confidentiality policy that guides our work. We NEVER share any customer information with third parties. Noone will ever know that you used our assignment help services. It’s only between you and us. We are bound by our policies to protect the customer’s identity and information. All your information, such as your names, phone number, email, order information, and so on, are protected. We have robust security systems that ensure that your data is protected. Hacking our systems is close to impossible, and it has never happened.
You fill all the paper instructions in the order form. Make sure you include all the helpful materials so that our academic writers can deliver the perfect paper. It will also help to eliminate unnecessary revisions.
Proceed to pay for the paper so that it can be assigned to one of our expert academic writers. The paper subject is matched with the writer’s area of specialization.
You communicate with the writer and know about the progress of the paper. The client can ask the writer for drafts of the paper. The client can upload extra material and include additional instructions from the lecturer. Receive a paper.
The paper is sent to your email and uploaded to your personal account. You also get a plagiarism report attached to your paper.
GET A PERFECT SCORE!!! 
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.
Read moreEach paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.
Read moreThanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.
Read moreYour email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.
Read moreBy sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.
Read more