Accession Number:

AD1033863

Title:

Threat-Based Risk Assessment for Enterprise Networks

Descriptive Note:

Journal Article - Open Access

Corporate Author:

MIT Lincoln Laboratory Lexington United States

Personal Author(s):

• Riordan,James F
• Lippmann,Richard P

Report Date:

2016-02-15

Pagination or Media Count:

20.0

Abstract:

Protecting enterprise networks requires continuous risk assessment that automatically identifies and prioritizes cybersecurity risks, enables efficient allocation of cybersecurity resources, and enhances protection against modern cyberthreats. Lincoln Laboratory developed a foundational network security maturity model to guide development of such risk assessments and has developed practical risk metrics for the most important cyberthreats. These metrics can be computed automatically and continuously from security-relevant network data.

Descriptors:

• cyberattacks
• vulnerability
• computer network security
• computer networks
• risk assessment
• computer security
• threats

Subject Categories:

• Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE