A system dynamics, epidemiological approach for high-level cyber-resilience to zero-day vulnerabilities

Daniel Sepulveda Estay*

*Corresponding author for this work
7 Citations (Scopus)

Abstract

Cyber-attacks are serious threats to operations in most industries, enabled by a growing dependence on Information Technology (IT). To minimise disruptive effects on operations, organisations with complex system derive value both from preventing cyber-attacks and from responding promptly and coherently when cyber-attacks happen, capacity is known as cyber-resilience. Frameworks have been presented in literature to promote cyber-resilient response, yet little is known about the structures that result in a cyber-resilient behaviour. This paper explores an approach to modelling the structure of a system that is subject to an infection an eventual recovery from zero-day malware cyber-attacks, based on mechanisms derived from epidemiology. By analysing the relationship between the system vulnerabilities and the incidence of malware infections in a population of systems, this paper derives structural recommendations for resilience response, and policy requirements based on the claim that cyber-threats are a public-cyber-health issue instead of merely a competitive factor.
Original languageEnglish
JournalJournal of Simulation
Volume17
Issue number1
Pages (from-to)1-16
Number of pages16
ISSN1747-7778
DOIs
Publication statusPublished - 2023
Externally publishedYes

Keywords

  • Health Sciences
  • System dynamics
  • cyber-epidemiology
  • cyber-resilience

Fingerprint

Dive into the research topics of 'A system dynamics, epidemiological approach for high-level cyber-resilience to zero-day vulnerabilities'. Together they form a unique fingerprint.

Cite this