Abstract
Cyber-attacks are serious threats to operations in most industries, enabled by a growing dependence on Information Technology (IT). To minimise disruptive effects on operations, organisations with complex system derive value both from preventing cyber-attacks and from responding promptly and coherently when cyber-attacks happen, capacity is known as cyber-resilience. Frameworks have been presented in literature to promote cyber-resilient response, yet little is known about the structures that result in a cyber-resilient behaviour. This paper explores an approach to modelling the structure of a system that is subject to an infection an eventual recovery from zero-day malware cyber-attacks, based on mechanisms derived from epidemiology. By analysing the relationship between the system vulnerabilities and the incidence of malware infections in a population of systems, this paper derives structural recommendations for resilience response, and policy requirements based on the claim that cyber-threats are a public-cyber-health issue instead of merely a competitive factor.
Original language | English |
---|---|
Journal | Journal of Simulation |
Volume | 17 |
Issue number | 1 |
Pages (from-to) | 1-16 |
Number of pages | 16 |
ISSN | 1747-7778 |
DOIs | |
Publication status | Published - 2023 |
Externally published | Yes |
Keywords
- Health Sciences
- System dynamics
- cyber-epidemiology
- cyber-resilience