{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,9]],"date-time":"2026-02-09T20:43:19Z","timestamp":1770669799289,"version":"3.49.0"},"reference-count":45,"publisher":"IEEE","license":[{"start":{"date-parts":[[2023,11,14]],"date-time":"2023-11-14T00:00:00Z","timestamp":1699920000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2023,11,14]],"date-time":"2023-11-14T00:00:00Z","timestamp":1699920000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023,11,14]]},"DOI":"10.1109\/dasc\/picom\/cbdcom\/cy59711.2023.10361456","type":"proceedings-article","created":{"date-parts":[[2023,12,25]],"date-time":"2023-12-25T14:38:38Z","timestamp":1703515118000},"page":"0628-0635","source":"Crossref","is-referenced-by-count":6,"title":["Towards Cybersecurity Risk Assessment Automation: an Ontological Approach"],"prefix":"10.1109","author":[{"given":"Nicol\u00f2","family":"Maunero","sequence":"first","affiliation":[{"name":"CINI Cybersecurity National Lab,Rome,Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fabio","family":"De Rosa","sequence":"additional","affiliation":[{"name":"CINI Cybersecurity National Lab,Rome,Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Paolo","family":"Prinetto","sequence":"additional","affiliation":[{"name":"Politecnico di Tornio Turin,Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref1","volume-title":"Theres a huge surge in hackers holding data for ransom, and experts want everyone to take these steps","year":"2021"},{"key":"ref2","volume-title":"Cybercrime To Cost The World $10.5 Trillion Annually By 2025","author":"Morgan","year":"2020"},{"key":"ref3","volume-title":"What is WannaCry ransomware?","year":"2023"},{"key":"ref4","volume-title":"Executive Order on Strengthening the Cybersecurity of Federal Net-works and Critical Infrastructure","year":"2021"},{"key":"ref5","volume-title":"Executive Order on Improving the Nations Cyber- security","year":"2017"},{"key":"ref6","volume-title":"Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure","year":"2023"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-23570-7_5"},{"key":"ref8","article-title":"Information technology - security techniques - information security risk management","volume-title":"International Organization for Standardization, Geneva, CH, Standard ISO\/IEC 27005:2018","year":"2018"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.6028\/nist.sp.800-37r2"},{"key":"ref10","article-title":"Information security management systems - guidelines for information security risk management","volume-title":"British Standards Institution, London, UK, Standard BS 7799\u20133:2017","year":"2017"},{"key":"ref11","article-title":"Interoperable eu risk management framework","volume-title":"European Union Agency for Cybersecurity, Attiki, GRC, Standard","year":"2022"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-77492-3_1"},{"key":"ref13","volume-title":"Open Security Controls Assessment Language","year":"2023"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/3498891.3501259"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11391-3_9"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-019-00433-2"},{"key":"ref17","first-page":"1","article-title":"Ontology for cybersecurity governance of ict systems","volume-title":"ITASEC22- Italian Conference on Cybersecurity, June 20th-23rd","author":"De Rosa","year":"2022"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2022.3219063"},{"key":"ref19","volume-title":"About the cve program"},{"key":"ref20","volume-title":"About cwe"},{"key":"ref21","volume-title":"National vulnerability database"},{"key":"ref22","volume-title":"Common vulnerability scoring system version 3.1: Specification document","year":"2019"},{"key":"ref23","volume-title":"About the capec"},{"key":"ref24","volume-title":"National Institute of Standards and Technology, Gaithersburg, USA, Standard SP 800\u201330 Rev. 1","year":"2012"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101864"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1016\/j.ssci.2020.104908"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1002\/9781119644538"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/ISGT.2014.6816371"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-95189-8_7"},{"key":"ref30","article-title":"Information technology - security techniques - information security management - organizational economics","volume-title":"International Organization for Standardizqation, Geneva, Switzerland, Standard ISO\/IEC TR 27016:2014","year":"2014"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.3390\/s21165493"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1016\/j.dss.2021.113651"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1007\/s00521-022-06959-2"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-17995-2_26"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-95484-0_2"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2022.12.006"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1007\/s13369-020-04524-4"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2022.103199"},{"key":"ref39","volume-title":"Owl 2 web ontology language document overview (second edition)","year":"2023"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1016\/j.websem.2007.03.004"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1109\/MITP.2017.3680959"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1109\/tdsc.2023.3264567"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1145\/3465481.3470093"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.3390\/info12080298"},{"issue":"12","key":"ref46","first-page":"21","article-title":"Attack trees","volume":"24","author":"Schneier","year":"1999","journal-title":"Dr. Dobbs journal"}],"event":{"name":"2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC\/PiCom\/CBDCom\/CyberSciTech)","location":"Abu Dhabi, United Arab Emirates","start":{"date-parts":[[2023,11,14]]},"end":{"date-parts":[[2023,11,17]]}},"container-title":["2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC\/PiCom\/CBDCom\/CyberSciTech)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10361260\/10360496\/10361456.pdf?arnumber=10361456","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,12]],"date-time":"2024-01-12T15:20:38Z","timestamp":1705072838000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10361456\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,14]]},"references-count":45,"URL":"https:\/\/doi.org\/10.1109\/dasc\/picom\/cbdcom\/cy59711.2023.10361456","relation":{},"subject":[],"published":{"date-parts":[[2023,11,14]]}}}