排序方式: 共有3条查询结果,搜索用时 15 毫秒
1
1.
Education and Information Technologies - Recruiting, retaining, and maintaining sufficient numbers of cybersecurity professionals in the workplace is a constant battle, not only for the technical... 相似文献
2.
This paper presents a mathematical model for an optimal security-technology investment evaluation and decision-making processes based on a quantitative analysis of the security risks and a digital-assets assessment in an organization. The model makes use of a quantitative analysis of different security measures that counteract individual risks by identifying the information-system processes in an enterprise and the potential threats. The model comprises the target security levels for all the identified core business processes and the probability of a security accident together with the possible loss the organization may suffer. The model allows in-depth analyses and computations providing quantitative assessments of different options for investments, which translate into recommendations that facilitate the selection of the best solution and the associated decision-making. The model was tested using empirical examples and mathematical simulations with data from a real business environment. 相似文献
3.
This paper presents an approach enabling economic modelling of information security risk management in contemporaneous businesses and other organizations. In the world of permanent cyber attacks to ICT systems, risk management is becoming a crucial task for minimization of the potential risks that can endeavor their operation. The prevention of the heavy losses that may happen due to cyber attacks and other information system failures in an organization is usually associated with continuous investment in different security measures and purchase of data protection systems. With the rise of the potential risks the investment in security services and data protection is growing and is becoming a serious economic issue to many organizations and enterprises. This paper analyzes several approaches enabling assessment of the necessary investment in security technology from the economic point of view. The paper introduces methods for identification of the assets, the threats, the vulnerabilities of the ICT systems and proposes a procedure that enables selection of the optimal investment of the necessary security technology based on the quantification of the values of the protected systems. The possibility of using the approach for an external insurance based on the quantified risk analyses is also provided. 相似文献
1