@misc{17121,
  author = {Jan Evang},
  title = {A 10-Layer Model for Service Availability Risk Management},
  abstract = {Service availability risk management is a very important part of a  Network Operations Center (NOC){\textquoteright}s work. Commonly used risk classification systems like ISO27001, NIST CSF or NIST 800-53 are not particularly useful for service availability and network availability management, so we propose a 10-layer model, which divides the risk into more related areas that match closer to how a NOC operates. The 10-layer model includes both hardware risk, risks from other assets, risks of the various network layers, and outside risks like human errors and political governance. By using this model, important risks are less likely to be overlooked, and the NOC{\textquoteright}s risk management is simplified. This paper describes the layers of the new model and provides examples of related risks and outages.},
  year = {2023},
  journal = {Proceedings of the 20th International Conference on Security and Cryptography, SECRYPT 2023},
  pages = {716-723},
  publisher = {SCITEPRESS},
}