Predictive taxonomy analytics (LASSO): predicting outcome types of cyber breach
Cyber breaches are costly for the global economy and extensive efforts have gone into improving the cybersecurity infrastructure. There are numerous types of cyber breaches that vary greatly in terms of cause and impact, resulting in an extensive literature for individual cyber breach type. Our pape...
| Автори: | , , , |
|---|---|
| Інші автори: | |
| Формат: | Journal Article |
| Мова: | English |
| Опубліковано: |
2024
|
| Предмети: | |
| Онлайн доступ: | https://hdl.handle.net/10356/173567 |
| _version_ | 1826119866867777536 |
|---|---|
| author | Goh, Jing Rong Wang, Shaun S. Harel, Yaniv Toh, Gabriel |
| author2 | Nanyang Business School |
| author_facet | Nanyang Business School Goh, Jing Rong Wang, Shaun S. Harel, Yaniv Toh, Gabriel |
| author_sort | Goh, Jing Rong |
| collection | NTU |
| description | Cyber breaches are costly for the global economy and extensive efforts have gone into improving the cybersecurity infrastructure. There are numerous types of cyber breaches that vary greatly in terms of cause and impact, resulting in an extensive literature for individual cyber breach type. Our paper seeks to provide a general framework that can be easily applied to analyze different types of cyber breaches. Our framework is inspired by the taxonomy approach in the cybersecurity literature, where it was proposed that an effective set of taxonomy can provide a direction on supporting improved decision-making in cyber risk management and selecting relevant cybersecurity controls. Our paper extends upon the current approach by using this taxonomy to model and predict the associated breach outcomes, given the occurrence of a cyber breach. Specifically, our paper applies least absolute shrinkage and selection operator (LASSO) within a taxonomy framework. Using a proprietary database of known cyber breaches, we show that this analytical tool performs well in out-of-sample predictions and a stable model that generates consistent predictions. For each cyber breach outcome type, we also provide the list of keywords that are useful in predicting the outcome type. We envision researchers, insurers, underwriters, and cybersecurity professionals can use (or expand on) our list of keywords, or use our method to yield their own set of keywords. Practitioners who seek to mitigate their cyber risk may use these keywords as a guide towards the specific attack surfaces that might be most susceptible to the corresponding breach. Our paper lays the groundwork for researchers to better apply the taxonomy approach within cybersecurity research. We also perform regression analysis to identify industries that are most susceptible to various cyber breach events. Our results corroborate with the literature, where some industries are indeed more likely to be impacted by certain types of cyberattacks. |
| first_indexed | 2024-10-01T05:07:08Z |
| format | Journal Article |
| id | ntu-10356/173567 |
| institution | Nanyang Technological University |
| language | English |
| last_indexed | 2024-10-01T05:07:08Z |
| publishDate | 2024 |
| record_format | dspace |
| spelling | ntu-10356/1735672024-02-15T15:35:57Z Predictive taxonomy analytics (LASSO): predicting outcome types of cyber breach Goh, Jing Rong Wang, Shaun S. Harel, Yaniv Toh, Gabriel Nanyang Business School Computer and Information Science Predicting outcomes Predictive analytics Cyber breaches are costly for the global economy and extensive efforts have gone into improving the cybersecurity infrastructure. There are numerous types of cyber breaches that vary greatly in terms of cause and impact, resulting in an extensive literature for individual cyber breach type. Our paper seeks to provide a general framework that can be easily applied to analyze different types of cyber breaches. Our framework is inspired by the taxonomy approach in the cybersecurity literature, where it was proposed that an effective set of taxonomy can provide a direction on supporting improved decision-making in cyber risk management and selecting relevant cybersecurity controls. Our paper extends upon the current approach by using this taxonomy to model and predict the associated breach outcomes, given the occurrence of a cyber breach. Specifically, our paper applies least absolute shrinkage and selection operator (LASSO) within a taxonomy framework. Using a proprietary database of known cyber breaches, we show that this analytical tool performs well in out-of-sample predictions and a stable model that generates consistent predictions. For each cyber breach outcome type, we also provide the list of keywords that are useful in predicting the outcome type. We envision researchers, insurers, underwriters, and cybersecurity professionals can use (or expand on) our list of keywords, or use our method to yield their own set of keywords. Practitioners who seek to mitigate their cyber risk may use these keywords as a guide towards the specific attack surfaces that might be most susceptible to the corresponding breach. Our paper lays the groundwork for researchers to better apply the taxonomy approach within cybersecurity research. We also perform regression analysis to identify industries that are most susceptible to various cyber breach events. Our results corroborate with the literature, where some industries are indeed more likely to be impacted by certain types of cyberattacks. Monetary Authority of Singapore Nanyang Technological University National Research Foundation (NRF) Published version The research work was supported by two research programmes: (1) the Cyber Risk Management (CyRiM) programme, a public-private partnership between the Nanyang Technological University, the Monetary Authority of Singapore, the Cyber Security Agency of Singapore, Aon, Lloyd’s, MSIG, SCOR and TransRe; and (2) The Quantification of Cyber Risk programme, jointly awarded by the National Research Foundation of Singapore and Tel Aviv University of Israel. 2024-02-14T05:20:17Z 2024-02-14T05:20:17Z 2023 Journal Article Goh, J. R., Wang, S. S., Harel, Y. & Toh, G. (2023). Predictive taxonomy analytics (LASSO): predicting outcome types of cyber breach. Journal of Cybersecurity, 9(1), 1-15. https://dx.doi.org/10.1093/cybsec/tyad015 2057-2085 https://hdl.handle.net/10356/173567 10.1093/cybsec/tyad015 2-s2.0-85168763652 1 9 1 15 en Journal of Cybersecurity © The Author(s) 2023. Published by Oxford University Press. This is an Open Access article distributed under the terms of the Creative Commons Attribution-NonCommercial License (https://creativecommons.org/licenses/by-nc/4.0/), which permits non-commercial re-use, distribution, and reproduction in any medium, provided the original work is properly cited. For commercial re-use, please contact journals.permissions@oup.com application/pdf |
| spellingShingle | Computer and Information Science Predicting outcomes Predictive analytics Goh, Jing Rong Wang, Shaun S. Harel, Yaniv Toh, Gabriel Predictive taxonomy analytics (LASSO): predicting outcome types of cyber breach |
| title | Predictive taxonomy analytics (LASSO): predicting outcome types of cyber breach |
| title_full | Predictive taxonomy analytics (LASSO): predicting outcome types of cyber breach |
| title_fullStr | Predictive taxonomy analytics (LASSO): predicting outcome types of cyber breach |
| title_full_unstemmed | Predictive taxonomy analytics (LASSO): predicting outcome types of cyber breach |
| title_short | Predictive taxonomy analytics (LASSO): predicting outcome types of cyber breach |
| title_sort | predictive taxonomy analytics lasso predicting outcome types of cyber breach |
| topic | Computer and Information Science Predicting outcomes Predictive analytics |
| url | https://hdl.handle.net/10356/173567 |
| work_keys_str_mv | AT gohjingrong predictivetaxonomyanalyticslassopredictingoutcometypesofcyberbreach AT wangshauns predictivetaxonomyanalyticslassopredictingoutcometypesofcyberbreach AT harelyaniv predictivetaxonomyanalyticslassopredictingoutcometypesofcyberbreach AT tohgabriel predictivetaxonomyanalyticslassopredictingoutcometypesofcyberbreach |