{"id":"https://openalex.org/W2805466842","doi":"https://doi.org/10.3390/g9020034","title":"Risk Assessment Uncertainties in Cybersecurity Investments","display_name":"Risk Assessment Uncertainties in Cybersecurity Investments","publication_year":2018,"publication_date":"2018-06-09","ids":{"openalex":"https://openalex.org/W2805466842","doi":"https://doi.org/10.3390/g9020034","mag":"2805466842"},"language":"en","primary_location":{"id":"doi:10.3390/g9020034","is_oa":true,"landing_page_url":"https://doi.org/10.3390/g9020034","pdf_url":"https://www.mdpi.com/2073-4336/9/2/34/pdf?version=1528524483","source":{"id":"https://openalex.org/S6552842","display_name":"Games","issn_l":"2073-4336","issn":["2073-4336"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Games","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/2073-4336/9/2/34/pdf?version=1528524483","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5006946645","display_name":"Andrew Fielder","orcid":null},"institutions":[{"id":"https://openalex.org/I47508984","display_name":"Imperial College London","ror":"https://ror.org/041kmwe10","country_code":"GB","type":"education","lineage":["https://openalex.org/I47508984"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Andrew Fielder","raw_affiliation_strings":["Institute for Security Science and Technology, Imperial College London, London SW7 2AZ, UK"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute for Security Science and Technology, Imperial College London, London SW7 2AZ, UK","institution_ids":["https://openalex.org/I47508984"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5017498019","display_name":"Sandra K\u00f6nig","orcid":"https://orcid.org/0000-0003-2881-4519"},"institutions":[{"id":"https://openalex.org/I132118926","display_name":"Austrian Institute of Technology","ror":"https://ror.org/04knbh022","country_code":"AT","type":"facility","lineage":["https://openalex.org/I132118926"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Sandra K\u00f6nig","raw_affiliation_strings":["Center for Digital Safety &amp; Security, Austrian Institute of Technology, 1210 Vienna, Austria"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Center for Digital Safety &amp; Security, Austrian Institute of Technology, 1210 Vienna, Austria","institution_ids":["https://openalex.org/I132118926"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090517118","display_name":"Emmanouil Panaousis","orcid":null},"institutions":[{"id":"https://openalex.org/I28290843","display_name":"University of Surrey","ror":"https://ror.org/00ks66431","country_code":"GB","type":"education","lineage":["https://openalex.org/I28290843"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Emmanouil Panaousis","raw_affiliation_strings":["Surrey Centre for Cyber Security, University of Surrey, Guildford, Surrey GU2 7XH, UK"],"raw_orcid":"https://orcid.org/0000-0001-7306-4062","affiliations":[{"raw_affiliation_string":"Surrey Centre for Cyber Security, University of Surrey, Guildford, Surrey GU2 7XH, UK","institution_ids":["https://openalex.org/I28290843"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053185064","display_name":"Stefan Schauer","orcid":"https://orcid.org/0000-0003-4446-9081"},"institutions":[{"id":"https://openalex.org/I132118926","display_name":"Austrian Institute of Technology","ror":"https://ror.org/04knbh022","country_code":"AT","type":"facility","lineage":["https://openalex.org/I132118926"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Stefan Schauer","raw_affiliation_strings":["Center for Digital Safety &amp; Security, Austrian Institute of Technology, 1210 Vienna, Austria"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Center for Digital Safety &amp; Security, Austrian Institute of Technology, 1210 Vienna, Austria","institution_ids":["https://openalex.org/I132118926"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5026312652","display_name":"Stefan Ra\u00df","orcid":"https://orcid.org/0000-0003-2821-2489"},"institutions":[{"id":"https://openalex.org/I4210166741","display_name":"University of Klagenfurt","ror":"https://ror.org/05q9m0937","country_code":"AT","type":"education","lineage":["https://openalex.org/I4210166741"]}],"countries":["AT"],"is_corresponding":true,"raw_author_name":"Stefan Rass","raw_affiliation_strings":["System Security Group, Institute of Applied Informatics, Universit\u00e4t Klagenfurt, 9020 Klagenfurt, Austria"],"raw_orcid":"https://orcid.org/0000-0003-2821-2489","affiliations":[{"raw_affiliation_string":"System Security Group, Institute of Applied Informatics, Universit\u00e4t Klagenfurt, 9020 Klagenfurt, Austria","institution_ids":["https://openalex.org/I4210166741"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5026312652"],"corresponding_institution_ids":["https://openalex.org/I4210166741"],"apc_list":{"value":1400,"currency":"CHF","value_usd":1515},"apc_paid":{"value":1400,"currency":"CHF","value_usd":1515},"fwci":6.1691,"has_fulltext":true,"cited_by_count":37,"citation_normalized_percentile":{"value":0.96610733,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":"9","issue":"2","first_page":"34","last_page":"34"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9941999912261963,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9900000095367432,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.49540841579437256},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.4474563002586365},{"id":"https://openalex.org/keywords/actuarial-science","display_name":"Actuarial science","score":0.3513595461845398},{"id":"https://openalex.org/keywords/economics","display_name":"Economics","score":0.3361588716506958},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.3015432059764862}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.49540841579437256},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.4474563002586365},{"id":"https://openalex.org/C162118730","wikidata":"https://www.wikidata.org/wiki/Q1128453","display_name":"Actuarial science","level":1,"score":0.3513595461845398},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.3361588716506958},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.3015432059764862}],"mesh":[],"locations_count":6,"locations":[{"id":"doi:10.3390/g9020034","is_oa":true,"landing_page_url":"https://doi.org/10.3390/g9020034","pdf_url":"https://www.mdpi.com/2073-4336/9/2/34/pdf?version=1528524483","source":{"id":"https://openalex.org/S6552842","display_name":"Games","issn_l":"2073-4336","issn":["2073-4336"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Games","raw_type":"journal-article"},{"id":"pmh:oai:alma.44SUR_INST:11138847930002346","is_oa":false,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4210197018","display_name":"View","issn_l":"2688-268X","issn":["2688-268X","2688-3988"],"is_oa":false,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310320595","host_organization_name":"Wiley","host_organization_lineage":["https://openalex.org/P4310320595"],"host_organization_lineage_names":["Wiley"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"","raw_type":""},{"id":"pmh:oai:RePEc:gam:jgames:v:9:y:2018:i:2:p:34-:d:151564","is_oa":false,"landing_page_url":"https://www.mdpi.com/2073-4336/9/2/34/","pdf_url":null,"source":{"id":"https://openalex.org/S4306401271","display_name":"RePEc: Research Papers in Economics","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I77793887","host_organization_name":"Federal Reserve Bank of St. Louis","host_organization_lineage":["https://openalex.org/I77793887"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},{"id":"pmh:oai:doaj.org/article:0f1feda26c034d9493f2fbfd332cfdc3","is_oa":true,"landing_page_url":"https://doaj.org/article/0f1feda26c034d9493f2fbfd332cfdc3","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Games, Vol 9, Iss 2, p 34 (2018)","raw_type":"article"},{"id":"pmh:oai:epubs.surrey.ac.uk:847049","is_oa":false,"landing_page_url":"http://epubs.surrey.ac.uk/847049/1/Risk%20Assessment%20Uncertainties%20in%20Cybersecurity%20Investments.pdf","pdf_url":null,"source":{"id":"https://openalex.org/S4306400680","display_name":"Surrey Research Insight Open Access (The University of Surrey)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I28290843","host_organization_name":"University of Surrey","host_organization_lineage":["https://openalex.org/I28290843"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Article"},{"id":"pmh:oai:mdpi.com:/2073-4336/9/2/34/","is_oa":true,"landing_page_url":"http://dx.doi.org/10.3390/g9020034","pdf_url":null,"source":{"id":"https://openalex.org/S4306400947","display_name":"MDPI (MDPI AG)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210097602","host_organization_name":"Multidisciplinary Digital Publishing Institute (Switzerland)","host_organization_lineage":["https://openalex.org/I4210097602"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Games","raw_type":"Text"}],"best_oa_location":{"id":"doi:10.3390/g9020034","is_oa":true,"landing_page_url":"https://doi.org/10.3390/g9020034","pdf_url":"https://www.mdpi.com/2073-4336/9/2/34/pdf?version=1528524483","source":{"id":"https://openalex.org/S6552842","display_name":"Games","issn_l":"2073-4336","issn":["2073-4336"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Games","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.47999998927116394,"display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G2711952031","display_name":null,"funder_award_id":"EP/R006938/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G6953541449","display_name":null,"funder_award_id":"EP/N002717/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"}],"funders":[{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2805466842.pdf","grobid_xml":"https://content.openalex.org/works/W2805466842.grobid-xml"},"referenced_works_count":20,"referenced_works":["https://openalex.org/W86490778","https://openalex.org/W1483280370","https://openalex.org/W1925725102","https://openalex.org/W2028269651","https://openalex.org/W2039148409","https://openalex.org/W2056075452","https://openalex.org/W2193214538","https://openalex.org/W2261596852","https://openalex.org/W2269519098","https://openalex.org/W2484469680","https://openalex.org/W2510854579","https://openalex.org/W2567142835","https://openalex.org/W2568394246","https://openalex.org/W2610527038","https://openalex.org/W2768651693","https://openalex.org/W2781958320","https://openalex.org/W2783375322","https://openalex.org/W6632833816","https://openalex.org/W6693696362","https://openalex.org/W6741487127"],"related_works":["https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W4391375266","https://openalex.org/W2390279801","https://openalex.org/W4391913857","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052"],"abstract_inverted_index":{"When":[0],"undertaking":[1],"cybersecurity":[2,83,91,136,148,156,210],"risk":[3,26,39,132,149,194],"assessments,":[4],"it":[5,203],"is":[6,30,41,49,197,204,213],"important":[7],"to":[8,11,15,17,32,34,59,80,117,128,154,180,206],"be":[9,108,118],"able":[10],"assign":[12],"numeric":[13],"values":[14,57,196],"metrics":[16],"compute":[18,81],"the":[19,25,70,111,126,166,171,209],"final":[20,167],"expected":[21,168],"loss":[22,169],"that":[23,27,104,134,144,208],"represents":[24],"an":[28],"organization":[29,172],"exposed":[31],"due":[33,58],"cyber":[35],"threats.":[36],"Even":[37],"if":[38],"assessment":[40,133,150,195],"motivated":[42],"by":[43,114],"real-world":[44],"observations":[45],"and":[46,69,178],"data,":[47],"there":[48],"always":[50],"a":[51,94,162,175,201],"high":[52],"chance":[53],"of":[54,73,170,215],"assigning":[55],"inaccurate":[56],"different":[60,155],"uncertainties":[61,130,146],"involved":[62],"(e.g.,":[63],"evolving":[64],"threat":[65],"landscape,":[66],"human":[67],"errors)":[68],"natural":[71],"difficulty":[72],"quantifying":[74],"risk.":[75],"Existing":[76],"models":[77],"empower":[78],"organizations":[79],"optimal":[82],"strategies":[84,189],"given":[85],"their":[86],"financial":[87],"constraints,":[88],"i.e.,":[89],"available":[90],"budget.":[92],"Further,":[93],"general":[95],"game-theoretic":[96,112,176],"model":[97,113,177,185],"with":[98],"uncertain":[99],"payoffs":[100,116],"(probability-distribution-valued":[101],"payoffs)":[102],"shows":[103],"such":[105],"uncertainty":[106],"can":[107],"incorporated":[109],"in":[110,125,131,147,165],"allowing":[115],"random.":[119],"This":[120],"paper":[121],"extends":[122],"previous":[123],"work":[124],"field":[127],"tackle":[129],"affect":[135],"investments.":[137],"The":[138,184],"findings":[139],"from":[140],"simulated":[141],"examples":[142],"indicate":[143],"although":[145],"lead,":[151],"on":[152],"average,":[153],"strategies,":[157],"they":[158],"do":[159],"not":[160,198],"play":[161],"significant":[163],"role":[164],"when":[173,191],"utilising":[174],"methodology":[179],"derive":[181],"these":[182],"strategies.":[183],"determines":[186],"robust":[187],"defending":[188],"even":[190],"knowledge":[192],"regarding":[193],"accurate.":[199],"As":[200],"result,":[202],"possible":[205],"show":[207],"investments\u2019":[211],"tool":[212],"capable":[214],"providing":[216],"effective":[217],"decision":[218],"support.":[219]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":7},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":7},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":2}],"updated_date":"2026-06-06T09:05:17.133730","created_date":"2025-10-10T00:00:00"}