Event-based cybersecurity risk assessment

In today’s digital age, organisations’ dependence on technology for operational efficiency, improved service delivery, and client interaction has grown considerably. This increasing reliance has, however, also amplified vulnerability to cyber risks, underscoring the urgent need for effective cyberse...

Bibliographic Details
Main Authors: Wan Mohamad, Wan Azlena, Abdul Molok, Nurul Nuha, Abd Rahim, Noor Hayani
Format: Book Chapter
Language: English
Published: KICT Publishing 2024
Subjects:
Online Access: http://irep.iium.edu.my/117099/1/PGColloqiumIREP.pdf
http://irep.iium.edu.my/117099/
https://kulliyyah.iium.edu.my/kict/postgraduate-pg-colloquium-ebook/#
id my.iium.irep.117099
record_format dspace
spelling my.iium.irep.117099 2024-12-30T05:55:18Z http://irep.iium.edu.my/117099/
Event-based cybersecurity risk assessment
Wan Mohamad, Wan Azlena; Abdul Molok, Nurul Nuha; Abd Rahim, Noor Hayani
T58.5 Information technology
In today’s digital age, organisations’ dependence on technology for operational efficiency, improved service delivery, and client interaction has grown considerably. This increasing reliance has, however, also amplified vulnerability to cyber risks, underscoring the urgent need for effective cybersecurity risk management within organisations. Cybersecurity risk management involves the identification, assessment, and mitigation of threats to safeguard individuals, organizations, and nations from cyber risks. At the heart of this process is the cybersecurity risk assessment, a crucial activity focused on understanding and mitigating potential cyber threats. Two main approaches are commonly employed in risk assessment: the event-based approach and the asset-based approach. Here, an "event" denotes any occurrence or shift in circumstances that might affect security. This study investigates the event-based risk assessment by assessing potential cyber-attacks or events that could compromise the confidentiality, integrity, and availability of digital data, thereby posing significant cybersecurity risks to organizations. Academic research has often focused on asset-based methods, potentially weakening strategies against new and emerging cyber threats. Many academic findings are tailored to specific application systems or sectors, which might not adequately address the unique risks and necessary controls pertinent to different sectors. Moreover, there is a noticeable disconnect between academic approaches and established cybersecurity guidelines that align with international standards, such as those from the National Institute of Standards and Technology (NIST) and the International Organization for Standardization (ISO). To bridge these gaps, this study examines an event-based cybersecurity risk assessment for organisations. Utilizing a qualitative research approach, interviews will be conducted with risk assessment officers who have served in the organisations for over 10 years and have experience in cybersecurity risk assessment within them. Through thematic analysis of the qualitative data, this study aims to examine an event-based cybersecurity risk assessment, contributing to the strengthening of the cybersecurity framework within organisations.
KICT Publishing 2024-12-23 Book Chapter NonPeerReviewed application/pdf en http://irep.iium.edu.my/117099/1/PGColloqiumIREP.pdf
Wan Mohamad, Wan Azlena and Abdul Molok, Nurul Nuha and Abd Rahim, Noor Hayani (2024) Event-based cybersecurity risk assessment. In: POSTGRADUATE COLLOQUIM 2024 INNOVATING FOR A SUSTAINABLE FUTURE: INTERDISCIPLINARY APPROACHES IN THE DIGITAL ERA. KICT Publishing, pp. 5-8. https://kulliyyah.iium.edu.my/kict/postgraduate-pg-colloquium-ebook/#
institution Universiti Islam Antarabangsa Malaysia
building IIUM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider International Islamic University Malaysia
content_source IIUM Repository (IREP)
url_provider http://irep.iium.edu.my/
language English
topic T58.5 Information technology