Using Potential Effects on Threat Events (PETE) to Assess Mitigation Effectiveness and Return on Investment (ROI)

Using Potential Effects on Threat Events (PETE) to Assess Mitigation Effectiveness and Return on Investment (ROI)

A chronic problem in cybersecurity and cyber resilience is the definition of metrics, so that return on investment can be evaluated. This paper discusses how the Potential Effects on Threat Events (PETE) framework for describing the potential effects of technologies, operational practices, and engin...

Full description

Saved in:
Bibliographic Details
Published in:2022 IEEE International Conference on Cyber Security and Resilience (CSR) pp. 287 - 292
Main Authors: Bodeau, Deborah J., Graubart, Richard, McQuaid, Rosalie
Format: Conference Proceeding
Language:English
Published: IEEE 27-07-2022
Subjects:
Computer crime
cyber operations
cyber resilience
cyber security
Investment
measure of effectiveness
Measurement
metrics
NIST
Resilience
return on investment
Risk management
systems security engineering
Vocabulary
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:A chronic problem in cybersecurity and cyber resilience is the definition of metrics, so that return on investment can be evaluated. This paper discusses how the Potential Effects on Threat Events (PETE) framework for describing the potential effects of technologies, operational practices, and engineering decisions on threats, which can be used to define metrics and measures of effectiveness.
DOI:10.1109/CSR54599.2022.9850337