
Cyber risk management: Theories, frameworks, models, and practices
Vol 3, Issue 1, 2025
Abstract
Cyber risks remain a major concern even though more advanced technologies have been used to deter or mitigate cyberattacks. Much research has been conducted in the areas of cyber risks and cybersecurity. Handling cyber risks requires the specific support of theories, frameworks, and models of cyber risk management. This paper introduces theories, frameworks, and models for managing cyber risks, together with cyber risk management practices. Cyber risk management and threat intelligence provide their own technologies and standards. Healthcare organizations must provide robust cybersecurity procedures. Big data analytics, artificial intelligence (AI), machine learning (ML), deep learning (DL), and related techniques have thus far offered significant advances in cybersecurity for healthcare agencies. This paper also presents a case study of managing cyber risks, which demonstrates how successful these theories, frameworks, models, and practices have been in healthcare. This paper does not offer an in-depth qualitative or quantitative analysis; it focuses on identifying, justifying, and describing certain key issues regarding cyber risks.
Copyright (c) 2025 Author(s)
License URL: https://creativecommons.org/licenses/by/4.0/

Prof. Maode Ma
Qatar University, Qatar