Towards a Reconceptualisation of Cyber Risk: An Empirical and Ontological Study

Abstract:

The prominence and use of the concept of cyber risk has been rising in recent years. This paper presents empirical investigations focused on two important and distinct groups within the broad community of cyber-defence professionals and researchers: (1) cyber practitioners and (2) developers of cyber ontologies. The key finding of this work is that the ways the concept of cyber risk is treated by practitioners of cyber security is largely inconsistent with definitions of cyber risk commonly offered in the literature. Contrary to commonly-cited definitions of cyber risk, concepts such as the likelihood of an event and the extent of its impact are not used by cyber- security practitioners. This is also the case for the use of these concepts in the current generation of cyber-security ontologies. Instead, terms and concepts reflective of the adversarial nature of cyber defence appear to take the most prominent roles. This research offers the first quantitative, empirical evidence that rejection of traditional concepts of cyber risk by cyber-security professionals is indeed observed in real-world practice.


AUTHORS

Photo of Dr. Alessandro Oltramari

Bosch Research and Technology Center
Pittsburgh, Pennsylvania, USA

Dr. Alessandro Oltramari is a Research Scientist and Project Lead at the Bosch Research and Technology Center (Pittsburgh, PA, USA), where he works on intelligent  systems  and semantic technologies. Prior to this position, he was a Research Associate at Carnegie Mellon University   (2010-2016).   He also held a research position at the Laboratory for Applied Ontology (ISTC-CNR) in Trento (Italy) from 2000 to 2010. He was a Visiting Research Associate at Princeton University in 2005 and 2006. He earned his doctorate in Cognitive Science and Education from the University of Trento, in co-tutorship with the Institute for Cognitive Science and Technology of the Italian National Research Council (ISTC-CNR). His primary research interests are centred around theoretical and applied research on knowledge representation and cognitive technologies.

 

Photo of Dr. Alexander Kott

Computational and Information Sciences Directorate U.S. Army Research Laboratory Adelphi, MD
U.S.A.

Alexander Kott earned his PhD in mechanical engineering from the University of Pittsburgh, Pittsburgh, PA, in 1989, where he researched AI approaches to invention of complex systems. He serves as the US Army Research Laboratory’s Chief Scientist in Adelphi, MD. In this role, he provides leadership in developing ARL technical strategy, maintaining technical quality of ARL research, and representing ARL to the external technical community. Between 2009 and 2016, he was Chief of the Network Science Division, Computational and Information Sciences Directorate, ARL, and was responsible for fundamental research and applied development in network science and science for cyber defense.                                                                                        

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Keywords

A

AI
APT

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

M

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com