๐Ÿ‡บ๐Ÿ‡ธCybersecurity Risk Assessment with Bayesian Networks

Presented at the 10th Annual BayesiaLab Conference on Wednesday, October 26, 2022.


Risk assessment is challenging when data is unavailable, hard to obtain, or costly to process. Organizations often request estimates from experts instead. This talk demonstrates how to integrate cybersecurity data with expert estimates using Bayesian Networks. Cybersecurity analysts, resource managers, and executives can use Bayesian Network models to perform risk assessments, select security controls, and prioritize which suspicious events to investigate first. System administrators can configure autonomous sources of data, including vulnerability scanners and cybersecurity event monitoring systems, to automatically update these hybrid network models alongside inputs from risk analysts and executives.

Presentation Video

Presentation Slides

About the Presenter

Corey Neskey, Vice President, Quantitative Risk, Hive Systems corey.neskey@hivesystems.io

Corey has been providing analyses, architecting secure environments, and leading security program implementations in IT security and risk since 2011. His career started with informing executive decision-making using algebraic data analyses for explanation, simulation, and attribution (i.e., intelligence analysis, forensics, SOC, CIRT), and optimization. His toolset expanded to more descriptive and predictive methods (i.e., machine learning/AI for risk assessment, vulnerability prioritization, and event correlation). He is now developing skills for integrating these analytical areas and expanding beyond algebraic methods and static probability calculus to using Bayesian network models.

Last updated


Bayesia USA


Bayesia S.A.S.


Bayesia Singapore


Copyright ยฉ 2024 Bayesia S.A.S., Bayesia USA, LLC, and Bayesia Singapore Pte. Ltd. All Rights Reserved.