Mariana Cains

Learn More
Traditional cybersecurity risk assessment is reactive and based on business risk assessment approach. The 2014 NIST Cybersecurity Framework provides businesses with an organizational tool to catalog cybersecurity efforts and areas that need additional support. As part of an on-going effort to develop a holistic, predictive cyber security risk assessment(More)
Decision-making in cyber-security is mostly ad-hoc and highly reliant on static policies, as well as human intervention. This does not fit current networks/systems, as they are highly dynamic systems where security assessments have to be performed, and decisions have to be made, automatically and in real-time. To address this problem, we propose a(More)
The paper presents results of a study of malware spreading in heterogeneous networks using epidemiological modeling framework. The model is one of the first to incorporate heterogeneity among the three components of the network: software, hardware and network type. This model also allows for both cyber and non-cyber-related impact on the mission. The(More)
  • 1