UCL  IRIS
Institutional Research Information Service
UCL Logo
Please report any queries concerning the funding data grouped in the sections named "Externally Awarded" or "Internally Disbursed" (shown on the profile page) to your Research Finance Administrator. Your can find your Research Finance Administrator at http://www.ucl.ac.uk/finance/research/post_award/post_award_contacts.php by entering your department
Please report any queries concerning the student data shown on the profile page to:

Email: portico-services@ucl.ac.uk

Help Desk: http://www.ucl.ac.uk/ras/portico/helpdesk
Publication Detail
Decision support for systems security investment
  • Publication Type:
    Conference
  • Authors:
    Beresnevichiene Y, Pym D, Shiu S
  • Publication date:
    20/10/2010
  • Pagination:
    118, 125
  • Published proceedings:
    2010 IEEE/IFIP Network Operations and Management Symposium Workshops, NOMS 2010
  • ISBN-13:
    9781424460380
  • Status:
    Published
Abstract
Information security managers with fixed budgets must invest in security measures to mitigate increasingly severe threats whilst maintaining the alignment of their systems with their organization's business objectives. The state of the art lacks a systematic methodology to support security investment decision-making. We describe a methodology that integrates methods from multi-attribute utility evaluation and mathematical systems modelling. We illustrate our approach using a collaborative case study with the security managers of a large organization divesting itself of its IT support services. The case study was validated against the experience and observations of the security managers and delivered, according to their judgement, useful results. Specifically, by integrating a mathematical model of system behaviour with an account of the utility of available security investment strategies, the case study has enabled them to understand better the trade-offs between the security performance and the operational consequences of their choices. © 2010 IEEE.
Publication data is maintained in RPS. Visit https://rps.ucl.ac.uk
 More search options
UCL Researchers
Author
Dept of Computer Science
University College London - Gower Street - London - WC1E 6BT Tel:+44 (0)20 7679 2000

© UCL 1999–2011

Search by