Vis enkel innførsel

dc.contributor.advisorFlage, Roger
dc.contributor.authorTrivyzadaki, Evangelia
dc.date.accessioned2021-09-29T16:29:38Z
dc.date.available2021-09-29T16:29:38Z
dc.date.issued2021
dc.identifierno.uis:inspera:79027917:49821969
dc.identifier.urihttps://hdl.handle.net/11250/2786309
dc.description.abstractHome Office has become a necessity nowadays, as it is part of the business continuity plan for many companies and organizations worldwide, ever since the COVID-19 outbreak made its presence in 2020. Even though it is not new as a concept, it has had a rapid growth, and it is now heavily used even within business areas that preferred to have all employees working from corporate offices. The oil and gas industry is such an example, since companies with a presence in that area, would always prefer to have their employees on-site, rather than working remotely. The aggressive introduction of “Work from Home” solutions though, comes with significant cyber risks that are not to be taken lightly. The aim of this thesis is to analyze a set of common risk assessment methodologies that are used in information security and test their effectiveness in terms of assessing cybersecurity risks related to the home office implementation in the oil and gas industry. The methodologies under investigation are IRAM2, ISO 27005:2018, Octave Allegro, FAIR and NIST SP800-30. According to the findings, there are specific strengths and limitations that risk analysts, decision-makers and other relevant stakeholders need to consider while using one or more of these methods for this specific use-case. The most important factor is time, which causes significant impediments for all involved parties and limits the options that can be considered, for reacting to the rationality of the situation. There are also more generic learnings though which are applicable even if companies had more time for properly assessing cyber risks before introducing remote worker solutions. The outcome of the research leans towards the use of two or more different risk assessment methodologies, which can be combined depending on the company’s needs and the project in scope. The learnings of this thesis can be useful for future potential incidents of a similar nature.
dc.description.abstract
dc.languageeng
dc.publisheruis
dc.titleAssessing home office cyber risks in the oil & gas industry A comparative study of risk assessment methods
dc.typeMaster thesis


Tilhørende fil(er)

Thumbnail

Denne innførselen finnes i følgende samling(er)

  • Studentoppgaver (TN-ISØP) [1409]
    Master- og bacheloroppgaver i Byutvikling og urban design / Offshore technology : risk management / Risikostyring / Teknologi/Sivilingeniør : industriell økonomi / Teknologi/Sivilingeniør : risikostyring / Teknologi/Sivilingeniør : samfunnssikkerhet

Vis enkel innførsel