Cost-effectiveness of Security Measures: A model-based Framework

Wolter Pieters, Christian W. Probst, Zofia Lukszo, Lorena Montoya

Research output: Chapter in Book/Report/Conference proceedingReport chapterResearchpeer-review

Abstract

Recently, cyber security has become an important topic on the agenda of many organisations. It is already widely acknowledged that attacks do happen, and decision makers face the problem of how to respond. As it is almost impossible to secure a complex system completely, it is important to have an adequate estimate of the effectiveness of security measures when making investment decisions. Risk concepts are known in principle, but estimating the effectiveness of countermeasure proves to be difficult and cannot be achieved by qualitative approaches only. In this chapter, the authors consider the question of how to guarantee cost-effectiveness of security measures. They investigate the possibility of using existing frameworks and tools, the challenges in a security context as opposed to a safety context, and directions for future research.
Original languageEnglish
Title of host publicationApproaches and Processes for Managing the Economics of Information Systems
EditorsTheodosios Tsiakis , Theodoros Kargidis , Panagiotis Katsaros
PublisherIGI global
Publication date2014
Pages139-156
Chapter9
ISBN (Print)978-1-4666-4983-5
DOIs
Publication statusPublished - 2014

Fingerprint Dive into the research topics of 'Cost-effectiveness of Security Measures: A model-based Framework'. Together they form a unique fingerprint.

Cite this