Open Access
A Proactive and Time-Sensitive Cyber Risk Assessment Model Integrating Markov Chains and Bayesian Networks
Author(s) - Pavlos Cheimonidis, Konstantinos Rantos
Publication year - 2025
Publication title - IEEE Access
Language(s) - English
Resource type - Magazines
SCImago Journal Rank - 0.587
H-Index - 127
eISSN - 2169-3536
DOI - 10.1109/access.2025.3575070
Subject(s) - aerospace, bioengineering, communication, networking and broadcast technologies, components, circuits, devices and systems, computing and processing, engineered materials, dielectrics and plasmas, engineering profession, fields, waves and electromagnetics, general topics for engineers, geoscience, nuclear engineering, photonics and electrooptics, power, energy and industry applications, robotics and control systems, signal processing and analysis, transportation
As cyberattacks grow in complexity, they pose increasing threats to organizations reliant on networked infrastructures. Conventional risk assessment methodologies often fail to adapt to the evolving nature of these threats. This paper introduces a novel cyber risk assessment model that adopts a proactive, dynamic, and time-aware approach to evaluating security risks. The proposed model leverages the Exploit Prediction Scoring System (EPSS) to estimate the short-term likelihood of exploitation over a 30-day period. To improve accuracy, Bayesian networks are employed to capture both system vulnerabilities and asset interdependencies within the network. This information is integrated into an absorbing Markov chain along with the identified attack paths, which are explored using Depth-First Search (DFS). The model generates exploitation probability distributions over the predefined time window, which, when combined with asset impact, facilitates dynamic, proactive, and time-sensitive risk assessments. Additionally, it provides valuable insights into attack progression by estimating the time required for an adversary to compromise critical assets. To demonstrate the practical applicability of the model, a case study is presented, showcasing its effectiveness in assessing cyber risks within a SCADA environment.
