Computational Analysis of Cascade Cyber Risk Management in Student Admissions Processes

Nienke Brendel; Noa Sophia Holl; Noëlle Kalee; Anna Kummer; Debby Bouma; Jan Treur; Peter H.M.P. Roelofsma

doi:10.1007/978-3-032-07992-3_44

Computational Analysis of Cascade Cyber Risk Management in Student Admissions Processes

Nienke Brendel, Noa Sophia Holl, Noëlle Kalee, Anna Kummer, Debby Bouma, Jan Treur^*, Peter H.M.P. Roelofsma

^*Corresponding author for this work

Artificial Intelligence

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

Abstract

This paper presents a scenario-based analysis of a cyberattack targeting a university admissions office through spear-phishing, demonstrating how a local breach can escalate into broader systemic risks within interconnected networks such as Studielink and DUO. An adaptive temporal-causal network modeling approach is used to simulate the cascading effects of the breach and the institutional response over time. The model visualizes the interactions between critical states, such as malware detection, data compromise, and suspension of the admissions process, and allows for a What-If analysis. This analysis explores how variations in the speed of data compromise, reputational damage thresholds, and communication timing affect the system’s ability to contain the attack. The findings emphasize the importance of timely response, effective communication strategies, and coordinated preparedness across organizations. By showing how different parts of the system are connected and where things can go wrong, this study helps organizations better understand the risks of a cyberattack. It supports cyber risk management by making it easier to prepare for incidents, improve response plans and reduce the impact of future attacks. A key limitation is that some probabilities were based on expert estimates rather than empirical data, highlighting the need for future validation through diverse scenario testing.

Original language	English
Title of host publication	Proceedings of the Future Technologies Conference, FTC 2025, Volume 4
Editors	Kohei Arai
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	693-710
Number of pages	18
ISBN (Print)	9783032079916
DOIs	https://doi.org/10.1007/978-3-032-07992-3_44
Publication status	Published - 2026
Event	Future Technologies Conference, FTC 2025 - Munich, Germany Duration: 6 Nov 2025 → 7 Nov 2025

Publication series

Name	Lecture Notes in Networks and Systems
Volume	1678 LNNS
ISSN (Print)	2367-3370
ISSN (Electronic)	2367-3389

Conference

Conference	Future Technologies Conference, FTC 2025
Country/Territory	Germany
City	Munich
Period	6/11/25 → 7/11/25

Bibliographical note

Publisher Copyright:
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2026.

Keywords

Cybersecurity
Higher education
Interconnected cascade systems
Systemic risk

Access to Document

10.1007/978-3-032-07992-3_44

Persistent URL (handle)

Persistent link

Cite this

Brendel, N., Holl, N. S., Kalee, N., Kummer, A., Bouma, D., Treur, J., & Roelofsma, P. H. M. P. (2026). Computational Analysis of Cascade Cyber Risk Management in Student Admissions Processes. In K. Arai (Ed.), Proceedings of the Future Technologies Conference, FTC 2025, Volume 4 (pp. 693-710). (Lecture Notes in Networks and Systems; Vol. 1678 LNNS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-032-07992-3_44

@inproceedings{f5b9b6fbf27e421abea702118afaf041,

title = "Computational Analysis of Cascade Cyber Risk Management in Student Admissions Processes",

abstract = "This paper presents a scenario-based analysis of a cyberattack targeting a university admissions office through spear-phishing, demonstrating how a local breach can escalate into broader systemic risks within interconnected networks such as Studielink and DUO. An adaptive temporal-causal network modeling approach is used to simulate the cascading effects of the breach and the institutional response over time. The model visualizes the interactions between critical states, such as malware detection, data compromise, and suspension of the admissions process, and allows for a What-If analysis. This analysis explores how variations in the speed of data compromise, reputational damage thresholds, and communication timing affect the system{\textquoteright}s ability to contain the attack. The findings emphasize the importance of timely response, effective communication strategies, and coordinated preparedness across organizations. By showing how different parts of the system are connected and where things can go wrong, this study helps organizations better understand the risks of a cyberattack. It supports cyber risk management by making it easier to prepare for incidents, improve response plans and reduce the impact of future attacks. A key limitation is that some probabilities were based on expert estimates rather than empirical data, highlighting the need for future validation through diverse scenario testing.",

keywords = "Cybersecurity, Higher education, Interconnected cascade systems, Systemic risk",

author = "Nienke Brendel and Holl, \{Noa Sophia\} and No{\"e}lle Kalee and Anna Kummer and Debby Bouma and Jan Treur and Roelofsma, \{Peter H.M.P.\}",

note = "Publisher Copyright: {\textcopyright} The Author(s), under exclusive license to Springer Nature Switzerland AG 2026.; Future Technologies Conference, FTC 2025 ; Conference date: 06-11-2025 Through 07-11-2025",

year = "2026",

doi = "10.1007/978-3-032-07992-3\_44",

language = "English",

isbn = "9783032079916",

series = "Lecture Notes in Networks and Systems",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "693--710",

editor = "Kohei Arai",

booktitle = "Proceedings of the Future Technologies Conference, FTC 2025, Volume 4",

address = "Germany",

}

Brendel, N, Holl, NS, Kalee, N, Kummer, A, Bouma, D, Treur, J & Roelofsma, PHMP 2026, Computational Analysis of Cascade Cyber Risk Management in Student Admissions Processes. in K Arai (ed.), Proceedings of the Future Technologies Conference, FTC 2025, Volume 4. Lecture Notes in Networks and Systems, vol. 1678 LNNS, Springer Science and Business Media Deutschland GmbH, pp. 693-710, Future Technologies Conference, FTC 2025, Munich, Germany, 6/11/25. https://doi.org/10.1007/978-3-032-07992-3_44

Computational Analysis of Cascade Cyber Risk Management in Student Admissions Processes. / Brendel, Nienke; Holl, Noa Sophia; Kalee, Noëlle et al.
Proceedings of the Future Technologies Conference, FTC 2025, Volume 4. ed. / Kohei Arai. Springer Science and Business Media Deutschland GmbH, 2026. p. 693-710 (Lecture Notes in Networks and Systems; Vol. 1678 LNNS).

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Computational Analysis of Cascade Cyber Risk Management in Student Admissions Processes

AU - Brendel, Nienke

AU - Holl, Noa Sophia

AU - Kalee, Noëlle

AU - Kummer, Anna

AU - Bouma, Debby

AU - Treur, Jan

AU - Roelofsma, Peter H.M.P.

N1 - Publisher Copyright: © The Author(s), under exclusive license to Springer Nature Switzerland AG 2026.

PY - 2026

Y1 - 2026

N2 - This paper presents a scenario-based analysis of a cyberattack targeting a university admissions office through spear-phishing, demonstrating how a local breach can escalate into broader systemic risks within interconnected networks such as Studielink and DUO. An adaptive temporal-causal network modeling approach is used to simulate the cascading effects of the breach and the institutional response over time. The model visualizes the interactions between critical states, such as malware detection, data compromise, and suspension of the admissions process, and allows for a What-If analysis. This analysis explores how variations in the speed of data compromise, reputational damage thresholds, and communication timing affect the system’s ability to contain the attack. The findings emphasize the importance of timely response, effective communication strategies, and coordinated preparedness across organizations. By showing how different parts of the system are connected and where things can go wrong, this study helps organizations better understand the risks of a cyberattack. It supports cyber risk management by making it easier to prepare for incidents, improve response plans and reduce the impact of future attacks. A key limitation is that some probabilities were based on expert estimates rather than empirical data, highlighting the need for future validation through diverse scenario testing.

AB - This paper presents a scenario-based analysis of a cyberattack targeting a university admissions office through spear-phishing, demonstrating how a local breach can escalate into broader systemic risks within interconnected networks such as Studielink and DUO. An adaptive temporal-causal network modeling approach is used to simulate the cascading effects of the breach and the institutional response over time. The model visualizes the interactions between critical states, such as malware detection, data compromise, and suspension of the admissions process, and allows for a What-If analysis. This analysis explores how variations in the speed of data compromise, reputational damage thresholds, and communication timing affect the system’s ability to contain the attack. The findings emphasize the importance of timely response, effective communication strategies, and coordinated preparedness across organizations. By showing how different parts of the system are connected and where things can go wrong, this study helps organizations better understand the risks of a cyberattack. It supports cyber risk management by making it easier to prepare for incidents, improve response plans and reduce the impact of future attacks. A key limitation is that some probabilities were based on expert estimates rather than empirical data, highlighting the need for future validation through diverse scenario testing.

KW - Cybersecurity

KW - Higher education

KW - Interconnected cascade systems

KW - Systemic risk

UR - https://www.scopus.com/pages/publications/105021840184

UR - https://www.scopus.com/inward/citedby.url?scp=105021840184&partnerID=8YFLogxK

U2 - 10.1007/978-3-032-07992-3_44

DO - 10.1007/978-3-032-07992-3_44

M3 - Conference contribution

AN - SCOPUS:105021840184

SN - 9783032079916

T3 - Lecture Notes in Networks and Systems

SP - 693

EP - 710

BT - Proceedings of the Future Technologies Conference, FTC 2025, Volume 4

A2 - Arai, Kohei

PB - Springer Science and Business Media Deutschland GmbH

T2 - Future Technologies Conference, FTC 2025

Y2 - 6 November 2025 through 7 November 2025

ER -

Brendel N, Holl NS, Kalee N, Kummer A, Bouma D, Treur J et al. Computational Analysis of Cascade Cyber Risk Management in Student Admissions Processes. In Arai K, editor, Proceedings of the Future Technologies Conference, FTC 2025, Volume 4. Springer Science and Business Media Deutschland GmbH. 2026. p. 693-710. (Lecture Notes in Networks and Systems). doi: 10.1007/978-3-032-07992-3_44

Computational Analysis of Cascade Cyber Risk Management in Student Admissions Processes

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access to Document

Persistent URL (handle)

Other files and links

Fingerprint

Cite this