DICYME:Dynamic Industrial Cyber Risk Modelling Based on Evidence
-
Research Centre for Intelligent Information Technologies (CETINIA-DSLAB)
Rey Juan Carlos University
C/ Tulip´an, s/n, 28933 Madrid, Spain
јavier.garciaochoa@urjc.es (corresponding author), jaime.rueda@urjc.es, ruben.rodriguez@urjc.es, alberto.fernandez.isabel@urjc.es, isaac.martin@urjc.es, emilio.lopez@urjc.es -
DeNexus Inc.
Boston, United States
rr@denexus.io, ol@denexus.io, jp@denexus.io
Abstract
The accelerated pace of digital transformation has significantly reshaped the cybersecurity domain, fostering an interconnected ecosystem in which cyber threats have expanded in both their complexity and scope. Traditional cybersecu rity methods are increasingly inadequate for addressing the rapidly evolving threat landscape, emphasizing the critical need for intelligent, adaptive, and proactive de fensive strategies. This study introduces Dynamic Industrial Cyber Risk Modelling Based on Evidence(DICYME),acomprehensivesystemthatintegrates diverse ana lytical techniques to identify patterns and characteristics that reveal emerging threat trends, enabling organizations to proactively defend against potential future attacks. Beyond threat detection, DICYME operates as a pipeline that retrieves data from diverse cyber incident reports, specialized databases, and other relevant sources of cyber-related information, applies specialized techniques for victim identification, indicator computation, threat actor profiling, Common Vulnerability and Exposure (CVE) relationship mapping, and ultimately performs the Cyber Risk Quantifica tion (CRQ). This final stage represents the system’s most distinctive contribution, as it translates complex analytical outputs into actionable risk insights, empower ing organizations to make informed strategic decisions in the face of evolving cyber threats. Alternatively, the system implements an automatic workflow that constructs new datasets of compromised entities, enabling these datasets to be used by all com ponents of the system. Experiments on real cyber incident datasets demonstrate the system’s ability to automatically construct high-quality victim profiles and estimate annualized financial risk, offering a scalable and data-driven approach for proactive cybersecurity management.
Key words
Cyber Risk Quantification, Machine Learning, Large Language Mod els, Indicators, Firmographics, Threat Actors, Vulnerabilities.
Digital Object Identifier (DOI)
https://doi.org/10.2298/CSIS251030027G
Publication information
Volume 23, Issue 3 (June 2026)
Year of Publication: 2026
ISSN: 2406-1018 (Online)
Publisher: ComSIS Consortium
Full text
Available in PDF
Portable Document Format
How to cite
García-Ochoa, J., Rueda, J., Fernández, R.R., Fernández-Isabel, A., Martín de Diego, I., Cano, E.L., Ravines, R.R., López Espinosa, O., Puigbó Sanvisens, J.: DICYME: Dynamic Industrial Cyber Risk Modelling Based on Evidence. Computer Science and Information Systems, 23(3), 1001–1026 (2026). https://doi.org/10.2298/CSIS251030027G
Journal's Facebook page