Abstract Currently, organizations have an increasing dependence on information systems. These essential IT services are thus attractive targets for direct or unintentional attacks, and the resulting incidents can jeopardize the mission of the organization. The way for different entities to organize and make decisions on how to act towards them is performed through risk management. … Continue reading SS04 – Special Session on Measurements for Dynamic Cyber-risk Assessment