TY - GEN
T1 - Taxonomy of Cyber Risk Mitigation Cost Benefit Analysis Methods for Energy Infrastructure
AU - Kam Hwei Syn, Yvonne
AU - Jones, Kevin
AU - Tam, Kimberly
AU - Rawlinson-Smith, Robert
PY - 2024/12/9
Y1 - 2024/12/9
N2 - Cybersecurity is a critical aspect for the energy industry to defend against cyber attacks. However, justifying the costs of cybersecurity measures is essential. A cost-benefit analysis (CBA) is commonly used to support decision-making for risk mitigation, helping to identify strategies that optimally balance mitigation costs and risk reduction. In this survey, we analyse existing approaches and provide a taxonomic overview of methods for cyber risk mitigation cost-benefit analysis, focusing on key aspects that determine their applicability to energy systems. The survey includes both general and contextual works, employing various methodologies for CBA, whether analytical or criteria-based. We conclude with an analysis of future directions based on recent developments in these methods. As an emerging area, this taxonomy could serve as a foundation that can be expanded with more data from other publications in the field, offering an opportunity to advance knowledge in energy systems.
AB - Cybersecurity is a critical aspect for the energy industry to defend against cyber attacks. However, justifying the costs of cybersecurity measures is essential. A cost-benefit analysis (CBA) is commonly used to support decision-making for risk mitigation, helping to identify strategies that optimally balance mitigation costs and risk reduction. In this survey, we analyse existing approaches and provide a taxonomic overview of methods for cyber risk mitigation cost-benefit analysis, focusing on key aspects that determine their applicability to energy systems. The survey includes both general and contextual works, employing various methodologies for CBA, whether analytical or criteria-based. We conclude with an analysis of future directions based on recent developments in these methods. As an emerging area, this taxonomy could serve as a foundation that can be expanded with more data from other publications in the field, offering an opportunity to advance knowledge in energy systems.
KW - cost benefit analysis
KW - cyber
KW - energy
KW - mitigation
KW - risk
KW - survey
KW - taxonomy
UR - http://www.scopus.com/inward/record.url?scp=85206194166&partnerID=8YFLogxK
UR - https://pearl.plymouth.ac.uk/context/secam-research/article/2476/viewcontent/Taxonomy_of_Cyber_Risk_Mitigation_Cost_Benefit_Analysis_Methods_for_Energy_Infrastructure.pdf
U2 - 10.1109/CSR61664.2024.10679375
DO - 10.1109/CSR61664.2024.10679375
M3 - Conference proceedings published in a book
T3 - Proceedings of the 2024 IEEE International Conference on Cyber Security and Resilience, CSR 2024
SP - 771
EP - 776
BT - Proceedings of the 2024 IEEE International Conference on Cyber Security and Resilience, CSR 2024
ER -