Cybercomplexity : a macroscopic view of cybersecurity risk / Carl S. Young.

Author
Young, Carl S.
Format
Book
Language
English
Published/Created
  • Cham, Switzerland : Springer, [2022]
  • ©2022
Description
1 online resource (183 pages)

Details

Subject(s)
Series
Advanced Sciences and Technologies for Security Applications Ser.
Source of description
Description based on print version record.
Contents
  • Intro
  • Foreword
  • Preface
  • Acknowledgements
  • Introduction
  • Contents
  • About the Author
  • Part I Security Risk Fundamentals
  • 1 Core Concepts
  • 1.1 Introduction
  • 1.2 IT Environments Versus Threat Scenarios
  • 1.3 The Components of Risk
  • 1.4 Risk Factors and Risk-Relevance
  • 1.5 Residual Risk
  • 1.6 Risk Assessment Universality
  • 1.7 Risk Calibration and Variability
  • 2 Representing Cybersecurity Risk
  • 2.1 Introduction
  • 2.2 Linearity and Non-linearity
  • 2.3 Security Risk Models
  • 2.4 Security Risk Categorization
  • 3 Scale and Scaling Relations
  • 3.1 Introduction
  • 3.2 Cybersecurity Risk and Perspective
  • 3.3 Risk-Relevant Time and Distance Scales
  • 3.4 Power Laws and Scaling Relations
  • 3.5 The Power of Scaling Relations
  • 3.6 Authentication and Scale
  • 4 IT Environment Dimensions and Risk Factors
  • 4.1 Introduction
  • 4.2 Information Management
  • 4.3 Information Technology
  • 4.4 Network Users
  • Part II Stochastic Security Risk Management
  • 5 Security Risk Management Statistics
  • 5.1 Introduction
  • 5.2 IT Environment States
  • 5.3 Information Content and Message Source Uncertainty
  • 6 Information Entropy
  • 6.1 Introduction
  • 6.2 Ergodicity
  • 6.3 Introduction to Information Entropy
  • 6.4 Applying Information Entropy
  • 6.5 Information Entropy and Security Risk Management
  • Part III Enterprise Cybersecurity Risk
  • 7 Complexity and Cybercomplexity
  • 7.1 Introduction
  • 7.2 Security Risk Management Uncertainty
  • 7.3 Uncertainty, Diversity and Complexity
  • 7.4 A Cybercomplexity Scaling Relation
  • 8 Cybercomplexity Metrics
  • 8.1 Introduction
  • 8.2 Absolute Complexity
  • 8.3 Relative Complexity
  • 8.4 The Density of States
  • 8.5 Non-binary Security Risk Management
  • 8.6 Information Entropy Calibration
  • Part IV Cybercomplexity Genesis and Management
  • 9 Cybercomplexity Root Causes
  • 9.1 Introduction
  • 9.2 The Organizational Tolerance for Risk
  • 9.3 Convenience-Driven Culture
  • 9.4 Structural and Functional Anomalies
  • 9.5 Exception-Based Processes
  • 9.6 Inconsistent Identity and Access Management
  • 9.7 Liberal Internet and Information Access
  • 9.8 Under-Resourced IT Departments
  • 10 Macroscopic Security Controls
  • 10.1 Introduction
  • 10.2 Security Acculturation
  • 10.3 Centralized Security Governance
  • 10.4 Standardization and Compression
  • 10.5 Role-Based Identity and Access Management
  • 10.6 Education, Training and Threat Awareness
  • 10.7 Internet Intelligence
  • 10.8 Data and Resource Minimization
  • 11 Trust and Identity Authentication
  • 11.1 Introduction
  • 11.2 The Fundamentals of Trust
  • 11.3 Identity Authentication Entropy and Trust
  • 11.4 Correlation and Trust
  • 11.5 A Stochastic Framework for Trust
  • 12 Operational Implications
  • 12.1 Introduction
  • 12.2 Risk-Relevant Organizational Features
  • 12.3 Key Operational Results
  • 12.4 Operational Limits
  • 12.5 The Potential for Information Compromise
  • 12.6 Cybercomplexity Assessments
  • Epilogue
ISBN
9783031069949 (electronic bk.)