Cybersecurity Risk Assessment with Bayesian Networks

Risk assessment is challenging when data is unavailable, hard to obtain, or costly to process. Organizations often request estimates from experts instead. This talk demonstrates how to integrate cybersecurity data with expert estimates using Bayesian Networks. Cybersecurity analysts, resource managers, and executives can use Bayesian Network models to perform risk assessments, select security controls, and prioritize which suspicious events to investigate first. System administrators can configure autonomous sources of data including vulnerability scanners and cybersecurity event monitoring systems to automatically update these hybrid network models alongside inputs from risk analysts and executives.

About the Presenter
Corey Neskey has been providing analyses, architecting secure environments, and leading security program implementations in IT security and risk since 2011. His career started with informing executive decision-making using algebraic data analyses for explanation, simulation, and attribution (i.e., intelligence analysis, forensics, SOC, CIRT), and optimization. His toolset expanded to more descriptive and predictive methods (i.e., machine learning/AI for risk assessment, vulnerability prioritization, event correlation). He is now developing skills for integrating these analytical areas and expanding beyond algebraic methods and static probability calculus to using Bayesian network models.