Selection of Pareto-efficient response plans based on financial and operational assessments
EURASIP Journal on Information Security (IF 2.5), Pub Date: 2017-07-10, DOI: 10.1186/s13635-017-0063-6
Alexander Motzek, Gustavo Gonzalez-Granadillo, Hervé Debar, Joaquin Garcia-Alfaro, Ralf Möller

Finding adequate responses to ongoing attacks on ICT systems is a pertinacious problem and requires assessments from different perpendicular viewpoints. However, current research focuses on reducing the impact of an attack regardless of side effects caused by responses. In order to achieve a comprehensive yet accurate response to possible and ongoing attacks on a managed ICT system, we propose an approach that evaluates a response from two perpendicular perspectives: (1) A response financial impact assessment, considering the financial benefits of restoring and protecting potentially threatened operational capabilities while considering implementation and maintenance costs of responses. (2) A response operational impact assessment, which assesses potential impacts that efficient mitigation actions may inadvertently cause on the organization in an operational perspective, e.g., negative side effects of deploying mitigations. It is the key benefit of the presented approach to combine all obtained evaluations with a multi-dimensional optimization procedure such that a response plan is selected which reduces a state of risk below an admissible level while minimizing potential negative side effects of deliberately taken actions.

Updated: 2020-04-16