Adaptive Cyber Risk Management Framework for Critical Infrastructures: Integrating IDS, SOC, and CSIRT for Resilient Threat Mitigation
摘要
Important sectors like the health care and finance sector should take special care towards managing cyber risk and cyber management, particularly with the rising interconnectedness. Risk assessment frameworks that have been developed are insufficient in dealing with cyber threats which are dynamic and complex. This paper proposes the adaptive cyber risk management framework. Also, the proposed framework is integrated with international standards including ISO IEC 27005, ISO 31000, and NIST CSF. In addition, layered technical architecture with IDS, SOC, and CSIRT. By establishing a cyclic and feedback-driven methodology, the proposed risk detection model can improve the accuracy of risk detection and reduce the latency of the response. The risk detection model also evolves over time and provides real-time analytical and data-driven insights which helps in machine learning. The experiments show 9 to 10% more detection and 35% less time than similar frameworks already available in the market. The findings prove hybrid intelligence and structured governance can produce measurable resilience across critical infrastructures. The study looks at how everything fits together in terms of policy and organisations, not to mention people. According to the model proposed in this plan, the move will be from static, compliance mindset security management to a risk management model based on adaptive, intelligence driven security management.