scholarly journals Determining the Value of Information Security Investments - A Decision Support System

2014 ◽  
Author(s):  
Hannah Louise Davies ◽  
Andrew J. C. Blyth
Keyword(s):  
Decision Support ◽  
Information Security ◽  
Decision Support System ◽  
Support System ◽  
Value Of Information ◽  
Security Investments

scholarly journals Development of a model for choosing strategies for investing in information security

2021 ◽  
Vol 2 (3 (110)) ◽  
pp. 43-51
Author(s):  
Valeriy Lakhno ◽  
Volodimir Malyukov ◽  
Berik Akhmetov ◽  
Dmytro Kasatkin ◽  
Liubov Plyska
Keyword(s):  
Decision Support ◽  
Information Security ◽  
Decision Support System ◽  
Support System ◽  
New Class ◽  
Modular Software ◽  
Proposed Model ◽  
Software Product ◽  
Continue Research ◽  
Multidimensional Objects

This paper has proposed a model of the computational core for the decision support system (DSS) when investing in the projects of information security (IS) of the objects of informatization (OBI). Including those OBI that can be categorized as critically important. Unlike existing solutions, the proposed model deals with decision-making issues in the ongoing process of investing in the projects to ensure the OBI IS by a group of investors. The calculations were based on the bilinear differential quality games with several terminal surfaces. Finding a solution to these games is a big challenge. It is due to the fact that the Cauchy formula for bilinear systems with arbitrary strategies of players, including immeasurable functions, cannot be applied in such games. This gives grounds to continue research on finding solutions in the event of a conflict of multidimensional objects. The result was an analytical solution based on a new class of bilinear differential games. The solution describes the interaction of objects investing in OBI IS in multidimensional spaces. The modular software product "Cybersecurity Invest decision support system " (Ukraine) for the Windows platform is described. Applied aspects of visualization of the results of calculations obtained with the help of DSS have been also considered. The Plotly library for the Python algorithmic language was used to visualize the results. It has been shown that the model reported in this work can be transferred to other tasks related to the development of DSS in the process of investing in high-risk projects, such as information technology, cybersecurity, banking, etc.

scholarly journals Decision support system in the task of ensuring information security of automated process control systems

2019 ◽  
pp. 477-486
Author(s):  
A D Kirillova ◽  
V I Vasilyev ◽  
A V Nikonov ◽  
V V Berkholts
Keyword(s):  
Control System ◽  
Decision Support ◽  
Information Security ◽  
Process Control ◽  
Decision Support System ◽  
Control Systems ◽  
Support System ◽  
Decision Rules ◽  
Process Control Systems ◽  
Automated Process

The problem of ensuring the information security of an automated process control system (APCS) is considered. An overview of the main regulatory documents on ensuring the safety of automated process control systems is given. For the operative solution of the tasks of ensuring information security of the automated control system of technological processes it is proposed to use an intelligent decision support system (DSS). An example of the construction and implementation of decision rules in the composition of the DSS based on the use of neurofuzzy models is considered.

Web-Base Group Decision Support System for Information Security Decision Making in Case of Indian E-Government Systems

2011 ◽  
Vol 403-408 ◽  
pp. 954-962
Author(s):  
Mayur Gaigole ◽  
Nilay Khere
Keyword(s):  
Decision Making ◽  
Decision Support ◽  
Information Security ◽  
Decision Support System ◽  
Group Decision Making ◽  
Support System ◽  
Group Decision ◽  
Group Decision Support ◽  
Decision Making Process ◽  
Group Decision Support System

This paper presents a web base multicriteria group decision support system for evaluating information security policy decision making with respect to Indian e-government system. This study first proposes a rational-political group decision-making model which identifies three uncertain factors involved in a group decision-making process: decision maker’s roles in a group reaching a satisfactory solution, preferences for alternatives and judgments for assessment criteria. Based on the model, a linguistic term oriented multi criteria group decision-making method is developed. The method uses general fuzzy number to deal with the three uncertain factors described by linguistic terms and aggregates these factors into a group satisfactory decision that is in a most acceptable degree of the group. Moreover, this study implements the method by developing a web-based group decision support system. This system allows decision makers to participate a group decision-making through the web, and manages the group decision-making process as a whole, from criteria generation, alternative evaluation, opinions interaction to decision aggregation. An information security decision making problem is presented to demonstrate the effectiveness of the approach.

scholarly journals DECISION SUPPORT IN CYBERSECURITY PROBLEMS BASED ON MATRIX OF SIGNS OF CYBERTHREATS

2020 ◽  
pp. 181-186
Author(s):  
B. Akhmetov ◽  
V. Lakhno ◽  
A. Shaikhanova ◽  
Sh. Tolybayev
Keyword(s):  
Decision Support ◽  
Information Security ◽  
Decision Support System ◽  
Complex Systems ◽  
Support System ◽  
Information Technologies ◽  
Feature Space ◽  
Network Intrusions ◽  
Information Objects

Due to the globalization of the use of information technologies and systems, the main problem of ensuring their smooth functioning is the cybersecurity of electronic resources and information security from destructive and unauthorized intrusions. Systems for detecting or recognizing various network intrusions, as well as determining the quality of attacks and anomalies, have their own niche in the market.This paper describes a method and algorithms for the formation of a feature space for the base of an intellectualized decision support system in cybersecurity problems. Intellectualized support system for promoting the protection of information about yourself with complex systems. The described algorithms allow you to dynamically replenish the database when new threats appear, which will reduce the time for their analysis, at the same time for cases of difficult-to-explain symptoms and reduce the number of false positives in the system for detecting threats, anomalies and attacks on information objects

scholarly journals Ontology-based information security compliance determination and control selection on the example of ISO 27002

2018 ◽  
Vol 26 (5) ◽  
pp. 551-567 ◽  
Author(s):  
Stefan Fenz ◽  
Thomas Neubauer
Keyword(s):  
Decision Support ◽  
Information Security ◽  
Decision Support System ◽  
Support System ◽  
Risk Level ◽  
Management Decision ◽  
Content Type ◽  
Security Controls ◽  
Formal Control ◽  
Security Compliance

PurposeThe purpose of this paper is to provide a method to formalize information security control descriptions and a decision support system increasing the automation level and, therefore, the cost efficiency of the information security compliance checking process. The authors advanced the state-of-the-art by developing and applying the method to ISO 27002 information security controls and by developing a semantic decision support system.Design/methodology/approachThe research has been conducted under design science principles. The formalized information security controls were used in a compliance/risk management decision support system which has been evaluated with experts and end-users in real-world environments.FindingsThere are different ways of obtaining compliance to information security standards. For example, by implementing countermeasures of different quality depending on the protection needs of the organization. The authors developed decision support mechanisms which use the formal control descriptions as input to support the decision-maker at identifying the most appropriate countermeasure strategy based on cost and risk reduction potential.Originality/valueFormalizing and mapping the ISO 27002 controls to the security ontology enabled the authors to automatically determine the compliance status and organization-wide risk-level based on the formal control descriptions and the modelled environment, including organizational structures, IT infrastructure, available countermeasures, etc. Furthermore, it allowed them to automatically determine which countermeasures are missing to ensure compliance and to decrease the risk to an acceptable level.

Sign in / Sign up

Export Citation Format

Share Document