Provost's Strategic Initiative Awards Funds to Develop CISSM Cyber Risk Assessment Framework

September 22, 2017

The University of Maryland's Office of the Provost has awarded CISSM a 3-year $300,000 matching grant to further develop its cyber risk assessment model and to apply the model to existing information technology systems.

The award will allow CISSM researchers to extend their work to develop a comprehensive cyber risk assessment model to include a cyber exploitation index. The exploitation index will provide a way to categorize cyber events that result in the theft of information. It will also help CISSM researchers develop a model of secondary effects resulting from cyber events.   

Once the basic research is conducted, CISSM researchers will also apply their assessment tools to analyze the cyber risks at a University of Maryland unit and at energy facilities in Maryland.

CISSM Senior Research Associate Charles Harry and CISSM Director Nancy Gallagher began the process of developing the Cyber Disruption Index and Framework in 2016. In April 2017, they were awarded a UMD "Invention of the Year" award at "Innovate Maryland," a UMD celebration of innovation and partnerships. 

The framework allows researchers to differentiate between low-level incidents and more significant cyber events that result in either exploitation of information and/or disruption of operations. The index provides researchers a standard method to assess the severity of different categories of disruptive attacks against different kinds of organizations based on the scope, magnitude, and duration of the event. 

This award was part of a larger $3.3 million investment in research and the university research community by the Provost's office.

Feature in selected projects: 
A Holistic Approach to Cybersecurity Risk Management