ABSTRACT
Through the use of Bayesian inferences, new information about different events can be obtained with a higher level of detail since knowledge about a phenomenon is updated with evidence. In risk assessment, this evidence can be observed or hypothetical, and, since it is possible to find out what would happen in different situations based on this analysis, better decisions can be made. One of the main advantages of the Bayesian network model is that it considers the conditional dependence of the random variables.
In this chapter, risk assessment consisted of finding the probabilities of different cyber attack events on the network. This type of analysis is useful in cases where decision making is based on probabilities. Future work will focus on adding more detail to the risk assessment according to the needs of the assessor. For example, the impact of cyber attacks can be included, both in the form of a score created by the evaluator or related to the financial loss caused by cyber attacks, and this financial loss can be focused on information loss or interruption of service.
