Estimating the Likelihood of Cyber Attacks When There’s “Insufficient Data”

  • Friday, March 2, 2012 | 11:20 AM – 12:10 PM | Room: Room 102

View all Sessions

Standard statistical techniques are inadequate for estimating the likelihood of future cyber attacks. Yet risk assessments and security planning urgently need this. This talk will outline the techniques that have allowed the US-CCU to anticipate Stuxnet and nearly every major new attack development over the last eight years. The secret is to identify attack pre-conditions and capability thresholds.


This document was retrieved from on Wed, 20 Feb 2019 02:22:29 -0500.