Determining the Value of Information Security Investments - A Decision Support System

Hannah Louise Davies; Andrew J. C. Blyth

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Determining the Value of Information Security Investments - A Decision Support System

Topics: Information Security

In Proceedings of the International Conference on Knowledge Management and Information Sharing - Volume 0IC3K, 426-433, 2014 , Rome, Italy

Authors: Hannah Louise Davies and Andrew J. C. Blyth

Affiliation: University of South Wales, United Kingdom

Keyword(s): Return on Security Investment, Multi-Attribute Utility Theory, Decision Making under Uncertainty, Multi-Criteria Decision Making, Information Security Metrics, Decision Making for Information Security.

Related Ontology Subjects/Areas/Topics: Artificial Intelligence ; Information Security ; Knowledge Management and Information Sharing ; Knowledge-Based Systems ; Symbolic Systems

Abstract: Advances in the technological era are making information security breaches a more common occurrence. A vital part of ensuring an organisation is well protected from these increasingly complex threats is a suitable security solution. Suitability of a security solution should not only be measured in terms of goals such as reducing down time or reducing the risk of a certain threat, but also meet stakeholder and executive goals in terms of being cost effective. Currently, cost effective is determined by calculating a return on security investment calculation, where the cost of a solution is evaluated against any savings resulting after purchasing the solution to determine whether the option is viable. The current implementation of return on security investment calculations however is often subjective and inaccurate as calculations are performed in an ad-hoc manner. When there are multiple factors to consider, with uncertain or incomplete values available, a multi-attribute decision maki ng method that utilises uncertainty is required in order to allow the decision maker to assess all possible options in the most logical and objective manner, whilst keeping in mind the goals of the organisation. In this paper we present and evaluate a conceptual, analytical framework that, with the use of multi-attribute utility theory under uncertainty, is able to model return on security investment calculations in a novel way. This new calculation is introduced as a Value of Information Security Investment calculation. The final goal is to create a framework that allows for repeatable, predictable and mature, calculations that determine the value of an information security investment. (More)

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 18.117.216.229

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Louise Davies, H. and J. C. Blyth, A. (2014). Determining the Value of Information Security Investments - A Decision Support System. In Proceedings of the International Conference on Knowledge Management and Information Sharing (IC3K 2014) - KMIS; ISBN 978-989-758-050-5; ISSN 2184-3228, SciTePress, pages 426-433. DOI: 10.5220/0005170704260433

@conference{kmis14,
author={Hannah {Louise Davies}. and Andrew {J. C. Blyth}.},
title={Determining the Value of Information Security Investments - A Decision Support System},
booktitle={Proceedings of the International Conference on Knowledge Management and Information Sharing (IC3K 2014) - KMIS},
year={2014},
pages={426-433},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005170704260433},
isbn={978-989-758-050-5},
issn={2184-3228},
}

TY - CONF

JO - Proceedings of the International Conference on Knowledge Management and Information Sharing (IC3K 2014) - KMIS
TI - Determining the Value of Information Security Investments - A Decision Support System
SN - 978-989-758-050-5
IS - 2184-3228
AU - Louise Davies, H.
AU - J. C. Blyth, A.
PY - 2014
SP - 426
EP - 433
DO - 10.5220/0005170704260433
PB - SciTePress