The field of cyber risks is rapidly expanding, yet significant research remains to be conducted. Numerous taxonomy-based systems have been proposed in both the academic literature and industrial practice to classify cyber risk threats. However, the fragmentation of various approaches has resulted in a plethora of taxonomies, often incongruent with one another. In this study, we undertake a comprehensive review of these alternative taxonomies and offer a common framework for their classification based on their scope. Furthermore, we introduce desirable properties of a taxonomy, which enable comparisons of different taxonomies with the same scope. Finally, we discuss the managerial implications stemming from the utilization of each taxonomy class to support decision-making processes.

A taxonomy of cyber risk taxonomies

Khorrami Chokami A.;
2024-01-01

Abstract

The field of cyber risks is rapidly expanding, yet significant research remains to be conducted. Numerous taxonomy-based systems have been proposed in both the academic literature and industrial practice to classify cyber risk threats. However, the fragmentation of various approaches has resulted in a plethora of taxonomies, often incongruent with one another. In this study, we undertake a comprehensive review of these alternative taxonomies and offer a common framework for their classification based on their scope. Furthermore, we introduce desirable properties of a taxonomy, which enable comparisons of different taxonomies with the same scope. Finally, we discuss the managerial implications stemming from the utilization of each taxonomy class to support decision-making processes.
2024
cyber risks; industrial taxonomy; risk classification
File in questo prodotto:
File Dimensione Formato  
2024_Rabitti_KC_Coyle_Cohen.pdf

accesso aperto

Tipologia: versione post-print
Dimensione 133.62 kB
Formato Adobe PDF
133.62 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11584/416863
Citazioni
  • ???jsp.display-item.citation.pmc??? 0
  • Scopus 0
  • ???jsp.display-item.citation.isi??? 0
social impact