What question did this study set out to answer?

The central aim is to develop a Bayesian methodology for quantifying cyber risks in networks with interconnected vulnerabilities.

April 18, 2026

Pricing Cyber Risks Over Modern Networks via Bayesian Attack Graphs

Key Points

The central aim is to develop a Bayesian methodology for quantifying cyber risks in networks with interconnected vulnerabilities.
Proposed a Bayesian Attack Graph approach to evaluate cyber risks.
Developed frameworks for pricing identified cyber risks.
Computed joint exploitation probabilities of network vulnerabilities.
Conducted a sensitivity analysis of various pricing strategies.
Established a practical method for pricing cyber risks effectively.
Demonstrated how joint vulnerabilities can impact risk assessments.
Identified key dependencies among pricing strategies and their implications.

Abstract

Modern networks, laden with an array of smart devices and lightweight operating systems, are exposed to substantial cyber risks. Given the intricate interdependence of these systems’ vulnerabilities, it is difficult to quantify the risks. This study proposes a Bayesian Attack Graph methodology to effectively evaluate cyber risks over a modern network. It presents a practical framework for pricing the identified risks and develops an innovative approach to calculating the joint exploitation probability of vulnerabilities across the network. Additionally, it presents a sensitivity analysis of pricing strategies. The simulation studies overview discusses a variety of pricing strategies and briefly discusses the potential dependence among policyholders.

Bookmark

Pricing Cyber Risks Over Modern Networks via Bayesian Attack Graphs

Key Points

Abstract

Cite This Study