2015 | OriginalPaper | Chapter
Which Measure of Risk Level to Use?
Authors : Atle Refsdal, Bjørnar Solhaug, Ketil Stølen
Published in: Cyber-Risk Management
Publisher: Springer International Publishing
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
There is no universal agreement on how to measure risk. The definition of risk in ISO 31000, for example, comes with five notes, each defining risk in a slightly different way. Traditionally, risk value is a function of two factors, namely likelihood and consequence. However, within the field of cybersecurity, three-factor and many-factor definitions are gaining popularity. This chapter discusses the different alternatives and provides advice on when to use which.