Dynamic risk assessment in IT environments: a decision guide

Thumbnail Image
Publication date
Defense date
Journal Title
Journal ISSN
Volume Title
Igi Global
Google Scholar
Research Projects
Organizational Units
Journal Issue
Security and reliability of information technologies have emerged as major concerns nowadays. Risk assessment, an estimation of negative impacts that might be imposed to a network by a series of potential sources, is one of the main tasks to ensure the security and is performed either statically or dynamically. Static risk assessment cannot satisfy the requirements of real-time and ubiquitous computing networks as it is pre-planned and does not consider upcoming changes such as the creation of new attack strategies. However, dynamic risk assessment (DRA) considers real-time evidences, being capable of diagnosing abnormal events in changing environments. Several DRA approaches have been proposed recently, but it is unclear which technique fits best into IT scenarios with different requirements. Thus, this chapter introduces recent trends in DRA, by analyzing 27 works and proposes a decision guide to help IT managers in choosing the most suitable DRA technique considering three illustrative scenarios – regular computer networks, internet of things, and industrial control systems.
Bibliographic citation
Mirzaei, O., Maria de Fuentes, J., & Manzano, L. G. (2018). Dynamic Risk Assessment in IT Environments: A Decision Guide. In Z. Fields (Ed.), Handbook of Research on Information and Cyber Security in the Fourth Industrial Revolution (pp. 234-263). IGI Global.