{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,11]],"date-time":"2025-09-11T11:31:26Z","timestamp":1757590286780},"reference-count":58,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2024,5,8]],"date-time":"2024-05-08T00:00:00Z","timestamp":1715126400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,5,8]],"date-time":"2024-05-08T00:00:00Z","timestamp":1715126400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"funder":[{"name":"This work was partially funded by the Horizon Europe program through the projects \u201c Reliability, Resilience and Defense Technology for the Grid \u201d","award":["(Grant agreement ID: 101075714).","(Grant agreement ID: 101075714)."],"award-info":[{"award-number":["(Grant agreement ID: 101075714).","(Grant agreement ID: 101075714)."]}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2024,8]]},"DOI":"10.1007\/s10207-024-00858-4","type":"journal-article","created":{"date-parts":[[2024,5,8]],"date-time":"2024-05-08T17:01:48Z","timestamp":1715187708000},"page":"2655-2676","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Dynamic vulnerability severity calculator for industrial control systems"],"prefix":"10.1007","volume":"23","author":[{"given":"Pavlos","family":"Cheimonidis","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Konstantinos","family":"Rantos","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,5,8]]},"reference":[{"key":"858_CR1","doi-asserted-by":"publisher","first-page":"612","DOI":"10.1016\/j.procs.2019.08.086","volume":"155","author":"N Tariq","year":"2019","unstructured":"Tariq, N., Asim, M., Khan, F.A.: Securing scada-based critical infrastructures: Challenges and open issues. Procedia Comput. Sci. 155, 612\u2013617 (2019). https:\/\/doi.org\/10.1016\/j.procs.2019.08.086","journal-title":"Procedia Comput. Sci."},{"key":"858_CR2","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1109\/TD-ASIA.2009.5357008","volume":"2009","author":"D-J Kang","year":"2009","unstructured":"Kang, D.-J., Lee, J.-J., Kim, S.-J., Park, J.-H.: Analysis on cyber threats to scada systems, in. Transm. Distrib. Conf. Expos.: Asia Pac. 2009, 1\u20134 (2009). https:\/\/doi.org\/10.1109\/TD-ASIA.2009.5357008","journal-title":"Transm. Distrib. Conf. Expos.: Asia Pac."},{"key":"858_CR3","first-page":"761","volume":"72","author":"LJ Trautman","year":"2018","unstructured":"Trautman, L.J., Ormerod, P.: Industrial cyber vulnerabilities: Lessons from stuxnet and the internet of things. Univ. Miami Law Rev. 72, 761 (2018)","journal-title":"Univ. Miami Law Rev."},{"issue":"3","key":"858_CR4","doi-asserted-by":"publisher","first-page":"3260","DOI":"10.1109\/TNSM.2020.3044865","volume":"18","author":"F\u00d6 S\u00f6nmez","year":"2021","unstructured":"S\u00f6nmez, F.\u00d6., K\u0131l\u0131\u00e7, B.G.: A decision support system for optimal selection of enterprise information security preventative actions. IEEE Trans. Netw. Serv. Manag. 18(3), 3260\u20133279 (2021)","journal-title":"IEEE Trans. Netw. Serv. Manag."},{"issue":"5","key":"858_CR5","doi-asserted-by":"publisher","first-page":"4856","DOI":"10.1109\/TPWRS.2021.3089042","volume":"36","author":"C Ren","year":"2021","unstructured":"Ren, C., Xu, Y., Dai, B., Zhang, R.: An integrated transfer learning method for power system dynamic security assessment of unlearned faults with missing data. IEEE Trans. Pow. Syst. 36(5), 4856\u20134859 (2021)","journal-title":"IEEE Trans. Pow. Syst."},{"key":"858_CR6","doi-asserted-by":"publisher","first-page":"134","DOI":"10.1007\/s10669-014-9488-3","volume":"34","author":"I Linkov","year":"2014","unstructured":"Linkov, I., Anklam, E., Collier, Z., DiMase, D., Renn, O.: Risk-based standards: Integrating top-down and bottom-up approaches. Environ. Syst. Decis. 34, 134\u2013137 (2014)","journal-title":"Environ. Syst. Decis."},{"key":"858_CR7","doi-asserted-by":"crossref","unstructured":"Naumov, S., Kabanov, I.: Dynamic framework for assessing cyber security risks in a changing environment. In: Proceedings of the 2016 International Conference on Information Science and Communications Technologies (ICISCT), pp. 1\u20134. Tashkent, Uzbekistan (2016)","DOI":"10.1109\/ICISCT.2016.7777406"},{"issue":"10","key":"858_CR8","doi-asserted-by":"publisher","first-page":"324","DOI":"10.3390\/fi15100324","volume":"15","author":"P Cheimonidis","year":"2023","unstructured":"Cheimonidis, P., Rantos, K.: Dynamic risk assessment in cybersecurity: A systematic literature review. Future Int. 15(10), 324 (2023). https:\/\/doi.org\/10.3390\/fi15100324","journal-title":"Future Int."},{"key":"858_CR9","unstructured":"The MITRE Corporation, MITRE, https:\/\/www.mitre.org\/, Accessed on 13\/12\/2023"},{"key":"858_CR10","unstructured":"Common Vulnerability Scoring System (CVSS), https:\/\/www.first.org\/cvss\/, Accessed on 13\/12\/2023"},{"key":"858_CR11","unstructured":"National Vulnerability Database (NVD), https:\/\/nvd.nist.gov\/, Accessed on 10\/12\/2023"},{"key":"858_CR12","unstructured":"Common Attack Pattern Enumeration and Classification (CAPEC), https:\/\/capec.mitre.org\/, accessed on January 4, 2024"},{"key":"858_CR13","unstructured":"Exploit Prediction Scoring System (EPSS), https:\/\/www.first.org\/epss\/, accessed on April 4, 2024"},{"issue":"18","key":"858_CR14","doi-asserted-by":"publisher","first-page":"8735","DOI":"10.3390\/app11188735","volume":"11","author":"M Walkowski","year":"2021","unstructured":"Walkowski, M., Oko, J., Sujecki, S.: Vulnerability Management Models Using a Common Vulnerability Scoring System. Appl. Sci. 11(18), 8735 (2021). https:\/\/doi.org\/10.3390\/app11188735","journal-title":"Appl. Sci."},{"issue":"4","key":"858_CR15","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3196884","volume":"21","author":"KA Farris","year":"2018","unstructured":"Farris, K.A., Shah, A., Cybenko, G., Ganesan, R., Jajodia, S.: Vulcon: A system for vulnerability prioritization, mitigation, and management. ACM Trans. Priv. Secur. 21(4), 1\u201328 (2018). https:\/\/doi.org\/10.1145\/3196884","journal-title":"ACM Trans. Priv. Secur."},{"key":"858_CR16","doi-asserted-by":"publisher","first-page":"2497","DOI":"10.1109\/TII.2017.2768998","volume":"14","author":"Q Zhang","year":"2018","unstructured":"Zhang, Q., Zhou, C., Tian, Y.-C., Xiong, N., Qin, Y., Hu, B.: A fuzzy probability bayesian network approach for dynamic cybersecurity risk assessment in industrial control systems. IEEE Trans. Ind. Inf. 14, 2497\u20132506 (2018)","journal-title":"IEEE Trans. Ind. Inf."},{"key":"858_CR17","doi-asserted-by":"publisher","first-page":"608","DOI":"10.1109\/TII.2017.2740571","volume":"14","author":"X Li","year":"2018","unstructured":"Li, X., Zhou, C., Tian, Y.-C., Xiong, N., Qin, Y.: Asset-based dynamic impact assessment of cyberattacks for risk analysis in industrial control systems. IEEE Trans. Ind. Inf. 14, 608\u2013618 (2018)","journal-title":"IEEE Trans. Ind. Inf."},{"key":"858_CR18","doi-asserted-by":"crossref","unstructured":"Peng, Y., Huang, K., Tu, W., Zhou, C.: A model-data integrated cyber security risk assessment method for industrial control systems. In: Proceedings of the 2018 IEEE 7th Data Driven Control and Learning Systems Conference (DDCLS), pp. 344\u2013349. Enshi, China (2018)","DOI":"10.1109\/DDCLS.2018.8516022"},{"key":"858_CR19","doi-asserted-by":"crossref","unstructured":"Huang, K., Zhou, C., Tian, Y.-C., Tu, W., Peng, Y.: Application of bayesian network to data-driven cyber-security risk assessment in scada networks. In: Proceedings of the 2017 27th International Telecommunication Networks and Applications Conference (ITNAC), pp. 1\u20136. Melbourne, VIC, Australia (2017)","DOI":"10.1109\/ATNAC.2017.8215355"},{"key":"858_CR20","doi-asserted-by":"publisher","first-page":"1423","DOI":"10.1109\/JSYST.2020.3010977","volume":"15","author":"Y Qin","year":"2021","unstructured":"Qin, Y., Peng, Y., Huang, K., Zhou, C., Tian, Y.-C.: Association analysis-based cybersecurity risk assessment for industrial control systems. IEEE Syst. J. 15, 1423\u20131432 (2021)","journal-title":"IEEE Syst. J."},{"key":"858_CR21","doi-asserted-by":"crossref","unstructured":"Wu, S., Zhang, Y., Chen, X.: Security assessment of dynamic networks with an approach of integrating semantic reasoning and attack graphs. In: Proceedings of the 2018 IEEE 4th International Conference on Computer and Communications (ICCC), pp. 1166\u20131174. Chengdu, China, (2018)","DOI":"10.1109\/CompComm.2018.8780998"},{"key":"858_CR22","doi-asserted-by":"publisher","first-page":"2018","DOI":"10.1109\/JSYST.2022.3215591","volume":"17","author":"K Yan","year":"2023","unstructured":"Yan, K., Liu, X., Lu, Y., Qin, F.: A cyber-physical power system risk assessment model against cyberattacks. IEEE Syst. J. 17, 2018\u20132028 (2023)","journal-title":"IEEE Syst. J."},{"key":"858_CR23","doi-asserted-by":"publisher","unstructured":"Vasilyev, V., Kirillova, A., Vulfin, A., Nikonov, A.: Cybersecurity Risk Assessment Based on Cognitive Attack Vector Modeling with CVSS Score. In: 2021 International Conference on Information Technology and Nanotechnology (ITNT), pp. 1\u20136. IEEE, Samara, Russian Federation (2021). https:\/\/doi.org\/10.1109\/ITNT52450.2021.9649191","DOI":"10.1109\/ITNT52450.2021.9649191"},{"key":"858_CR24","doi-asserted-by":"publisher","unstructured":"Wang, T., Lv, Q., Hu, B., Sun, D.: CVSS-based Multi-Factor Dynamic Risk Assessment Model for Network System. In: 2020 IEEE 10th International Conference on Electronics Information and Emergency Communication (ICEIEC), pp. 289\u2013294. IEEE, Beijing, China, (2020).https:\/\/doi.org\/10.1109\/ICEIEC49280.2020.9152340","DOI":"10.1109\/ICEIEC49280.2020.9152340"},{"key":"858_CR25","unstructured":"Vilches, V.M., Gil-Uriarte, E., Ugarte, I.Z., Mendia, G.O., Pis\u00f3n, R.I., Kirschgens, L.A., Calvo, A.B., Cordero, A.H., Apa, L., Cerrudo, C.: Towards an open standard for assessing the severity of robot security vulnerabilities, the robot vulnerability scoring system (rvss), (2018). arXiv preprint arXiv:1807.10357"},{"issue":"3","key":"858_CR26","doi-asserted-by":"publisher","first-page":"1245","DOI":"10.47836\/pjst.31.3.07","volume":"31","author":"A Kurniawan","year":"2023","unstructured":"Kurniawan, A., Darus, M.Y., Mohd Ariffin, M.A., Muliono, Y., Pardomuan, C.R.: Automation of Quantifying Security Risk Level on Injection Attacks Based on Common Vulnerability Scoring System Metric. Pertan. J. Sci. Technol. 31(3), 1245\u20131265 (2023). https:\/\/doi.org\/10.47836\/pjst.31.3.07","journal-title":"Pertan. J. Sci. Technol."},{"key":"858_CR27","doi-asserted-by":"publisher","unstructured":"Ur-Rehman, A., Gondal, I., Kamruzzuman, J., Jolfaei, A.: Vulnerability Modelling for Hybrid IT Systems. In: 2019 IEEE International Conference on Industrial Technology (ICIT), pp. 1186\u20131191. IEEE, Melbourne, Australia, (2019). https:\/\/doi.org\/10.1109\/ICIT.2019.8755005","DOI":"10.1109\/ICIT.2019.8755005"},{"key":"858_CR28","doi-asserted-by":"publisher","unstructured":"Purkayastha, S., Goyal, S., Phillips, T., Wu, H., Haakenson, B., Zou, X.: Continuous Security through Integration Testing in an Electronic Health Records System. In: 2020 International Conference on Software Security and Assurance (ICSSA), pp. 26\u201331. IEEE, Altoona, PA, USA, (2020). https:\/\/doi.org\/10.1109\/ICSSA51305.2020.00012","DOI":"10.1109\/ICSSA51305.2020.00012"},{"key":"858_CR29","doi-asserted-by":"publisher","unstructured":"Franklin, J., Wergin, C., Booth, H.: CVSS implementation guidance, Tech. Rep. NIST IR 7946, National Institute of Standards and Technology (Apr. 2014). https:\/\/doi.org\/10.6028\/NIST.IR.7946","DOI":"10.6028\/NIST.IR.7946"},{"key":"858_CR30","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102316","volume":"107","author":"I Stellios","year":"2021","unstructured":"Stellios, I., Kotzanikolaou, P., Grigoriadis, C.: Assessing IoT enabled cyber-physical attack paths against critical systems. Comput. & Sec. 107, 102316 (2021). https:\/\/doi.org\/10.1016\/j.cose.2021.102316","journal-title":"Comput. & Sec."},{"key":"858_CR31","unstructured":"Haque, S., Keffeler, M., Atkison, T.: An evolutionary approach of attack graphs and attack trees: A survey of attack modeling. In: Proceedings of the International Conference on Security and Management (SAM), The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (WorldComp), 224\u2013229. (2017)"},{"key":"858_CR32","doi-asserted-by":"publisher","unstructured":"Petrica, G., Axinte, S.-D., Bacivarov, I.C., Firoiu, M., Mihai, I.-C.: Studying cyber security threats to web platforms using attack tree diagrams. In: 2017 9th International Conference on Electronics, Computers and Artificial Intelligence (ECAI), pp. 1\u20136. IEEE, Targoviste (2017).https:\/\/doi.org\/10.1109\/ECAI.2017.8166456. http:\/\/ieeexplore.ieee.org\/document\/8166456\/","DOI":"10.1109\/ECAI.2017.8166456"},{"key":"858_CR33","unstructured":"Piotr, et\u00a0al., ADTool - attack-defense tree tool, https:\/\/satoss.uni.lu\/members\/piotr\/adtool\/"},{"key":"858_CR34","doi-asserted-by":"publisher","first-page":"621","DOI":"10.1007\/s40747-020-00228-2","volume":"7","author":"E Bakhtavar","year":"2021","unstructured":"Bakhtavar, E., Valipour, M., Yousefi, S., Sadiq, R., Hewage, K.: Fuzzy cognitive maps in systems risk analysis: A comprehensive review. Complex & Intell. Syst. 7, 621\u2013637 (2021)","journal-title":"Complex & Intell. Syst."},{"issue":"3\u20134","key":"858_CR35","first-page":"242","volume":"14","author":"Z Fan","year":"2021","unstructured":"Fan, Z., Tan, C., Li, X.: A hierarchical method for assessing cyber security situation based on ontology and fuzzy cognitive maps. Int. J. Inf. Comput. Secur. 14(3\u20134), 242\u2013262 (2021)","journal-title":"Int. J. Inf. Comput. Secur."},{"key":"858_CR36","first-page":"755","volume":"123","author":"EI Papageorgiou","year":"2008","unstructured":"Papageorgiou, E.I., Stylios, C.D.: Fuzzy cognitive maps, Handbook of Granular. Computing 123, 755\u2013775 (2008)","journal-title":"Computing"},{"issue":"07","key":"858_CR37","doi-asserted-by":"publisher","first-page":"1860010","DOI":"10.1142\/S0218213018600102","volume":"27","author":"G N\u00e1poles","year":"2018","unstructured":"N\u00e1poles, G., Espinosa, M.L., Grau, I., Vanhoof, K.: Fcm expert: software tool for scenario analysis and pattern classification based on fuzzy cognitive maps. Int. J. Artif. Intell. Tools 27(07), 1860010 (2018)","journal-title":"Int. J. Artif. Intell. Tools"},{"issue":"4","key":"858_CR38","doi-asserted-by":"publisher","first-page":"874","DOI":"10.1109\/TFUZZ.2009.2017519","volume":"17","author":"Y Boutalis","year":"2009","unstructured":"Boutalis, Y., Kottas, T.L., Christodoulou, M.: Adaptive estimation of fuzzy cognitive maps with proven stability and parameter convergence. IEEE Trans. Fuzzy Syst. 17(4), 874\u2013889 (2009). https:\/\/doi.org\/10.1109\/TFUZZ.2009.2017519","journal-title":"IEEE Trans. Fuzzy Syst."},{"key":"858_CR39","doi-asserted-by":"crossref","unstructured":"Chandia, R., Gonzalez, J., Kilpatrick, T., Papa, M., Shenoi, S.: Security strategies for scada networks. In: Critical Infrastructure Protection 1, pp. 117\u2013131. Springer (2008)","DOI":"10.1007\/978-0-387-75462-8_9"},{"key":"858_CR40","doi-asserted-by":"crossref","unstructured":"Wang, C., Fang, L., Dai, Y.: A simulation environment for scada security analysis and assessment, In: 2010 International Conference on Measuring Technology and Mechatronics Automation, Vol.\u00a01, pp. 342\u2013347. IEEE (2010)","DOI":"10.1109\/ICMTMA.2010.603"},{"key":"858_CR41","unstructured":"Fcm expert, https:\/\/sites.google.com\/view\/fcm-expert, accessed on December 18, 2023"},{"issue":"1","key":"858_CR42","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1016\/S0020-7373(86)80040-2","volume":"24","author":"B Kosko","year":"1986","unstructured":"Kosko, B.: Fuzzy cognitive maps. Int. J. Man-Mach. Stud. 24(1), 65\u201375 (1986)","journal-title":"Int. J. Man-Mach. Stud."},{"issue":"3","key":"858_CR43","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1109\/MS.2016.60","volume":"33","author":"A Basiri","year":"2016","unstructured":"Basiri, A., Behnam, N., de Rooij, R., Hochstein, L., Kosewski, L., Reynolds, J., Rosenthal, C.: Chaos engineering. IEEE Softw. 33(3), 35\u201341 (2016)","journal-title":"IEEE Softw."},{"key":"858_CR44","volume-title":"Chaos Engineering-System Resiliency in Practice","author":"C Rosenthal","year":"2020","unstructured":"Rosenthal, C., Jones, N.: Chaos Engineering-System Resiliency in Practice. O\u2019Reilly Media, Newton (2020)"},{"key":"858_CR45","doi-asserted-by":"publisher","first-page":"691","DOI":"10.1145\/1029133.1029143","volume":"15","author":"TE Uribe","year":"2004","unstructured":"Uribe, T.E., Cheung, S.: Automatic analysis of firewall and network intrusion detection system configurations. J. Comput. Secur. 15, 691\u2013715 (2004). https:\/\/doi.org\/10.1145\/1029133.1029143","journal-title":"J. Comput. Secur."},{"issue":"1","key":"858_CR46","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1007\/s13198-020-01021-7","volume":"12","author":"R Sharma","year":"2021","unstructured":"Sharma, R., Sibal, R., Sabharwal, S.: Software vulnerability prioritization using vulnerability description. Int. J. Syst. Assur. Eng. Manag. 12(1), 58\u201364 (2021). https:\/\/doi.org\/10.1007\/s13198-020-01021-7","journal-title":"Int. J. Syst. Assur. Eng. Manag."},{"key":"858_CR47","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1016\/j.cosust.2021.02.004","volume":"50","author":"G Anjum","year":"2021","unstructured":"Anjum, G., Fraser, A.: Vulnerabilities associated with slow-onset events (soes) of climate change: multi-level analysis in the context of pakistan. Curr. Opin. Environ. Sustain. 50, 54\u201363 (2021)","journal-title":"Curr. Opin. Environ. Sustain."},{"key":"858_CR48","doi-asserted-by":"crossref","unstructured":"Spanos, G., Angelis, L., Toloudis, D.: Assessment of vulnerability severity using text mining. In: Proceedings of the 21st Pan-Hellenic conference on informatics, pp. 1\u20136 (2017)","DOI":"10.1145\/3139367.3139390"},{"issue":"3","key":"858_CR49","doi-asserted-by":"publisher","first-page":"415","DOI":"10.1016\/j.ssci.2006.07.007","volume":"45","author":"T Hellstr\u00f6m","year":"2007","unstructured":"Hellstr\u00f6m, T.: Critical infrastructure and systemic vulnerability: Towards a planning framework. Saf. Sci. 45(3), 415\u2013430 (2007). https:\/\/doi.org\/10.1016\/j.ssci.2006.07.007","journal-title":"Saf. Sci."},{"key":"858_CR50","unstructured":"Lambrinoudakis, C., Gritzalis, S., Xenakis, C., Katsikas, S., Karyda, M., Tsochou, A., Papadatos, K., Rantos, K., Pavlosoglou, Y., Gasparinatos, S., Pantazis, A.: Interoperable EU risk management framework: methodology for and assessment of interoperability among risk management frameworks and methodologies., european Union Agency for Cybersecurity (Publications Office) (2022). https:\/\/data.europa.eu\/doi\/10.2824\/07253"},{"key":"858_CR51","doi-asserted-by":"publisher","first-page":"8","DOI":"10.1016\/S1361-3723(14)70521-4","volume":"2014","author":"S Furnell","year":"2014","unstructured":"Furnell, S., Niekerk, J.V., Clarke, N.: The price of patching. Comput. Fraud & Secur. 2014, 8\u201313 (2014). https:\/\/doi.org\/10.1016\/S1361-3723(14)70521-4","journal-title":"Comput. Fraud & Secur."},{"key":"858_CR52","doi-asserted-by":"publisher","unstructured":"Ralston, P., Graham, J., Hieb, J.L.: Cyber security risk assessment for scada and dcs networks. ISA Trans. 46(4), 583\u201394 (2007). https:\/\/doi.org\/10.1016\/J.ISATRA.2007.04.003","DOI":"10.1016\/J.ISATRA.2007.04.003"},{"key":"858_CR53","doi-asserted-by":"publisher","unstructured":"Sezer, E.C., Kil, C., Ning, P.: Automated software vulnerability analysis. Cyber Situat. Aware. Issues Res. , 201\u2013223 (2010). https:\/\/doi.org\/10.1007\/978-1-4419-0140-8_10","DOI":"10.1007\/978-1-4419-0140-8_10"},{"key":"858_CR54","doi-asserted-by":"publisher","unstructured":"Bullough, B.L., Yanchenko, A.K., Smith, C.L., Zipkin, J.R. : Predicting exploitation of disclosed software vulnerabilities using open-source data. In: Proceedings of the 3rd ACM on International Workshop on Security And Privacy Analytics (2017). https:\/\/doi.org\/10.1145\/3041008.3041009","DOI":"10.1145\/3041008.3041009"},{"key":"858_CR55","doi-asserted-by":"publisher","unstructured":"Beres, Y., Griffin, J.: Optimizing network patching policy decisions. In: IFIP international information security conference, pp. 424\u2013442. Springer Berlin Heidelberg. Berlin (2012). https:\/\/doi.org\/10.1007\/978-3-642-30436-1_35","DOI":"10.1007\/978-3-642-30436-1_35"},{"key":"858_CR56","doi-asserted-by":"publisher","first-page":"356","DOI":"10.1287\/deca.2020.0418","volume":"17","author":"AC Vieira","year":"2020","unstructured":"Vieira, A.C., Insua, D., Kosgodagan, A.: Assessing and forecasting cybersecurity impacts. Decis. Anal. 17, 356\u2013374 (2020). https:\/\/doi.org\/10.1287\/deca.2020.0418","journal-title":"Decis. Anal."},{"key":"858_CR57","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1109\/MSP.2005.30","volume":"3","author":"SE Schechter","year":"2005","unstructured":"Schechter, S.E.: Toward econometric models of the security risk from remote attacks. IEEE Secur. Priv. 3, 40\u201344 (2005). https:\/\/doi.org\/10.1109\/MSP.2005.30","journal-title":"IEEE Secur. Priv."},{"key":"858_CR58","doi-asserted-by":"publisher","DOI":"10.33995\/wu2023.2.3","author":"A H\u0229\u0107ka-Sadowska","year":"2022","unstructured":"H\u0229\u0107ka-Sadowska, A., \u0141yskawa, K.: Operational cyber risk in the differing business model of insurance companies: the example of poland. Wiad. Ubezp. (2022). https:\/\/doi.org\/10.33995\/wu2023.2.3","journal-title":"Wiad. Ubezp."}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-024-00858-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-024-00858-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-024-00858-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,15]],"date-time":"2024-07-15T03:15:19Z","timestamp":1721013319000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-024-00858-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,5,8]]},"references-count":58,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2024,8]]}},"alternative-id":["858"],"URL":"https:\/\/doi.org\/10.1007\/s10207-024-00858-4","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,5,8]]},"assertion":[{"value":"8 May 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors have no Conflict of interest to declare that are relevant to the content of this article.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"This manuscript does not contain any studies with human participants or animals performed by any of the authors.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical approval"}},{"value":"The data utilized for the purpose of this paper was obtained from the NIST NVD website, publicly accessible.","order":4,"name":"Ethics","group":{"name":"EthicsHeading","label":"Research data"}}]}}