Cyber Risk Assessment in IT/OT Convergence Using Machine Learning
摘要
The convergence of Information Technology (IT) and Operational Technology (OT) has heightened the need for robust cyber-risk assessment, which requires identifying plausible breaches, their impact, and effective mitigation strategies. Traditional frameworks often rely on expert opinions, leading to overconfidence, misinterpretations, and inaccurate risk estimates. This chapter introduces an innovative method using machine learning models to assess risk, identify high-risk threat vectors, and suggest mitigation strategies. We integrated MITRE ATT&CK techniques, mapped data features to breach-reported data, and labeled them with the Common Vulnerability Scoring System (CVSS). Additionally, we used statistical models to identify frequent attack chains and built a Recurrent Neural Network (RNN) model to estimate the risk score for attack chains. Finally, we provide a probabilistic risk perspective for the most relevant attack techniques, all based on public information.