LAUSR

Abstract Paper is focused on theoretical and practical considerations related to risk management and cyber security based on the cyber kill chain concept introduced by Lockheed Martin. Proposed approach of cyber risk management embedded on the cyber kill chain is new and not reflected in the available literature. Proposed risk management process of identifying, analyzing, evaluating, assessing and ultimately responding to cyber threats and monitoring risks in each stage of the cyber kill chain is the heart of proposed approach. The approach may be used in organizations which are going to implement security mechanisms to align with the in-force requirements or to reduce cyber risks to accepted level. The process of the risk assessment introduced by the authors follows with the description of the example risk evaluation method based on a continuous-time Markov chain as a model of the cyber kill chain.