Cybersecurity is an inseparable component of business operations in any industry that utilizes information systems. Hence, the problem of cybersecurity investment, defined by the cost-effectiveness of investing on cybersecurity countermeasures, is an important financial and operational decision for most businesses. We propose a modeling framework that incorporates major components relevant to cybersecurity practice, and study the characteristics of optimal cybersecurity investment decisions for a firm. The uncertainty in the problem is captured through a stochastic programming framework. A case study based on real cybersecurity practice of an organization is also presented, where the results cast managerial insights for cybersecurity investment that can be widely applicable in typical businesses.
Cybersecurity Investment Optimization with Risk: Insights for Resource Allocation
10 Views
6 Downloads