ORCID
- Kevin Jones: 0000-0002-7960-0978
- Kimberly Tam: 0000-0003-2840-5715
- Robert Rawlinson-Smith: 0000-0001-5830-7054
Abstract
Cybersecurity is a critical aspect for the energy industry to defend against cyber attacks. However, justifying the costs of cybersecurity measures is essential. A cost-benefit analysis (CBA) is commonly used to support decision-making for risk mitigation, helping to identify strategies that optimally balance mitigation costs and risk reduction. In this survey, we analyse existing approaches and provide a taxonomic overview of methods for cyber risk mitigation cost-benefit analysis, focusing on key aspects that determine their applicability to energy systems. The survey includes both general and contextual works, employing various methodologies for CBA, whether analytical or criteria-based. We conclude with an analysis of future directions based on recent developments in these methods. As an emerging area, this taxonomy could serve as a foundation that can be expanded with more data from other publications in the field, offering an opportunity to advance knowledge in energy systems.
DOI
10.1109/CSR61664.2024.10679375
Publication Date
2024-12-09
Publication Title
Proceedings of the 2024 IEEE International Conference on Cyber Security and Resilience, CSR 2024
ISBN
9798350375367
Keywords
cost benefit analysis, cyber, energy, mitigation, risk, survey, taxonomy
First Page
771
Last Page
776
Recommended Citation
Kam Hwei Syn, Y., Jones, K., Tam, K., & Rawlinson-Smith, R. (2024) 'Taxonomy of Cyber Risk Mitigation Cost Benefit Analysis Methods for Energy Infrastructure', Proceedings of the 2024 IEEE International Conference on Cyber Security and Resilience, CSR 2024, , pp. 771-776. Available at: https://doi.org/10.1109/CSR61664.2024.10679375
