LEADER 04439nam 2200457 450 001 9910585774503321 005 20231110213325.0 010 $a9783031069949$b(electronic bk.) 010 $z9783031069932 035 $a(MiAaPQ)EBC7047958 035 $a(Au-PeEL)EBL7047958 035 $a(CKB)24272698800041 035 $a(PPN)26389777X 035 $a(EXLCZ)9924272698800041 100 $a20230104d2022 uy 0 101 0 $aeng 135 $aurcnu|||||||| 181 $ctxt$2rdacontent 182 $cc$2rdamedia 183 $acr$2rdacarrier 200 10$aCybercomplexity $ea macroscopic view of cybersecurity risk /$fCarl S. Young 210 1$aCham, Switzerland :$cSpringer,$d[2022] 210 4$d©2022 215 $a1 online resource (183 pages) 225 1 $aAdvanced Sciences and Technologies for Security Applications 311 08$aPrint version: Young, Carl S. Cybercomplexity Cham : Springer International Publishing AG,c2022 9783031069932 327 $aIntro -- Foreword -- Preface -- Acknowledgements -- Introduction -- Contents -- About the Author -- Part I Security Risk Fundamentals -- 1 Core Concepts -- 1.1 Introduction -- 1.2 IT Environments Versus Threat Scenarios -- 1.3 The Components of Risk -- 1.4 Risk Factors and Risk-Relevance -- 1.5 Residual Risk -- 1.6 Risk Assessment Universality -- 1.7 Risk Calibration and Variability -- 2 Representing Cybersecurity Risk -- 2.1 Introduction -- 2.2 Linearity and Non-linearity -- 2.3 Security Risk Models -- 2.4 Security Risk Categorization -- 3 Scale and Scaling Relations -- 3.1 Introduction -- 3.2 Cybersecurity Risk and Perspective -- 3.3 Risk-Relevant Time and Distance Scales -- 3.4 Power Laws and Scaling Relations -- 3.5 The Power of Scaling Relations -- 3.6 Authentication and Scale -- 4 IT Environment Dimensions and Risk Factors -- 4.1 Introduction -- 4.2 Information Management -- 4.3 Information Technology -- 4.4 Network Users -- Part II Stochastic Security Risk Management -- 5 Security Risk Management Statistics -- 5.1 Introduction -- 5.2 IT Environment States -- 5.3 Information Content and Message Source Uncertainty -- 6 Information Entropy -- 6.1 Introduction -- 6.2 Ergodicity -- 6.3 Introduction to Information Entropy -- 6.4 Applying Information Entropy -- 6.5 Information Entropy and Security Risk Management -- Part III Enterprise Cybersecurity Risk -- 7 Complexity and Cybercomplexity -- 7.1 Introduction -- 7.2 Security Risk Management Uncertainty -- 7.3 Uncertainty, Diversity and Complexity -- 7.4 A Cybercomplexity Scaling Relation -- 8 Cybercomplexity Metrics -- 8.1 Introduction -- 8.2 Absolute Complexity -- 8.3 Relative Complexity -- 8.4 The Density of States -- 8.5 Non-binary Security Risk Management -- 8.6 Information Entropy Calibration -- Part IV Cybercomplexity Genesis and Management -- 9 Cybercomplexity Root Causes. 327 $a9.1 Introduction -- 9.2 The Organizational Tolerance for Risk -- 9.3 Convenience-Driven Culture -- 9.4 Structural and Functional Anomalies -- 9.5 Exception-Based Processes -- 9.6 Inconsistent Identity and Access Management -- 9.7 Liberal Internet and Information Access -- 9.8 Under-Resourced IT Departments -- 10 Macroscopic Security Controls -- 10.1 Introduction -- 10.2 Security Acculturation -- 10.3 Centralized Security Governance -- 10.4 Standardization and Compression -- 10.5 Role-Based Identity and Access Management -- 10.6 Education, Training and Threat Awareness -- 10.7 Internet Intelligence -- 10.8 Data and Resource Minimization -- 11 Trust and Identity Authentication -- 11.1 Introduction -- 11.2 The Fundamentals of Trust -- 11.3 Identity Authentication Entropy and Trust -- 11.4 Correlation and Trust -- 11.5 A Stochastic Framework for Trust -- 12 Operational Implications -- 12.1 Introduction -- 12.2 Risk-Relevant Organizational Features -- 12.3 Key Operational Results -- 12.4 Operational Limits -- 12.5 The Potential for Information Compromise -- 12.6 Cybercomplexity Assessments -- Epilogue. 410 0$aAdvanced Sciences and Technologies for Security Applications 606 $aComputer security 606 $aData protection 615 0$aComputer security. 615 0$aData protection. 676 $a658.477 700 $aYoung$b Carl S.$0894335 801 0$bMiAaPQ 801 1$bMiAaPQ 801 2$bMiAaPQ 912 $a9910585774503321 996 $aCybercomplexity$92902819 997 $aUNINA