Abstract
Most existing risk analysis methods focus on analysing risks that a system might face throughout its life. However, there is no explicit method for risk analysis during incidents. Approaches such as bow-ties and attack trees provide reliable information about triggers and escalation of incidents, but do not cover risk evaluation. Risk matrices include the entire risk analysis process; however, their risk evaluation approach is oversimplified. This paper presents a General Model for Incident Risk Analysis, which formalises the incident risk analysis process through an influence diagram. Our aim is to provide a decision support model that generates reliable risk information and enhances incident risk evaluation.
Notes
1. For instance, in cybersecurity, following the McCumber Cube (McCumber 1991), we can express consequences as changes in the availability, integrity or confidentiality of data.
2. Although this node represents a decision, it is not modelled as a decision node because we are not analysing that decision.