A common feature of cyber security and resiliency assessment methodologies is to elicit semi-quantitative information from subject matter experts (SMEs). This information is frequently based on expert knowledge of the capabilities and motivations of hybrid threats. SMEs typically provide ratings of various system aspects on an ordinal (e.g., 1–5) scale which is then aggregated to create a prioritized rank order. Crucial system information may be hidden or lost during such assessments. Here we present an approach which is cognizant of multiple sources of complexity that exist in SME-driven cyber resiliency assessment methodologies.
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
Tel.: +1 703 830 6300
Fax: +1 703 830 2300 email@example.com
(Corporate matters and books only) IOS Press c/o Accucoms US, Inc.
For North America Sales and Customer Service
West Point Commons
Lansdale PA 19446
Tel.: +1 866 855 8967
Fax: +1 215 660 5042 firstname.lastname@example.org