Cyber hygiene measures are often recommended for strengthening an organization’s security posture, especially for protecting against social engineering attacks that target the human element. However, the related recommendations are typically the same for all organizations and their employees, regardless of the nature and the level of risk for different groups of users. Building upon an existing cybersecurity investment model, this paper presents a tool for optimal selection of cyber hygiene safeguards, which we refer as the Optimal Safeguards Tool (OST). The model combines game theory and combinatorial optimization (0-1 Knapsack) taking into account the probability of each user group to being attacked, the value of assets accessible by each...
This paper examines investments in cybersecurity made by users and software providers with a focus o...
2018-10-24Protecting an organization’s cyber assets from intrusions and breaches due to attacks by m...
In the information age, the scale and scope of cyber attacks on information systems is on the rise. ...
Cyber hygiene measures are often recommended for strengthening an organization’s security posture, e...
In this paper we investigate how to optimally invest in cybersecurity controls. We are particularly ...
Assessing and controlling cyber risk is the cornerstone of information security management, but also...
When investing in cyber security resources, information security managers have to follow effective d...
AbstractWhen investing in cyber security resources, information security managers have to follow eff...
Nowadays, cyber threats are considered among the most dangerous risks by top management of enterpris...
This work addresses the challenge “how do we make better security decisions?” and it develops techni...
Losses due to cyber security incidents could be very significant for organisations. This fact forces...
Creative Commons License: Attribution 4When investing in cyber security resources, information secur...
This paper uses the concept of social cost, comprised of private and externality costs, to capture t...
Investments on cybersecurity are essential for organizations to protect operational activities, deve...
Fast-growing numbers of technologies and devices make cyber security landscape more complicated and ...
This paper examines investments in cybersecurity made by users and software providers with a focus o...
2018-10-24Protecting an organization’s cyber assets from intrusions and breaches due to attacks by m...
In the information age, the scale and scope of cyber attacks on information systems is on the rise. ...
Cyber hygiene measures are often recommended for strengthening an organization’s security posture, e...
In this paper we investigate how to optimally invest in cybersecurity controls. We are particularly ...
Assessing and controlling cyber risk is the cornerstone of information security management, but also...
When investing in cyber security resources, information security managers have to follow effective d...
AbstractWhen investing in cyber security resources, information security managers have to follow eff...
Nowadays, cyber threats are considered among the most dangerous risks by top management of enterpris...
This work addresses the challenge “how do we make better security decisions?” and it develops techni...
Losses due to cyber security incidents could be very significant for organisations. This fact forces...
Creative Commons License: Attribution 4When investing in cyber security resources, information secur...
This paper uses the concept of social cost, comprised of private and externality costs, to capture t...
Investments on cybersecurity are essential for organizations to protect operational activities, deve...
Fast-growing numbers of technologies and devices make cyber security landscape more complicated and ...
This paper examines investments in cybersecurity made by users and software providers with a focus o...
2018-10-24Protecting an organization’s cyber assets from intrusions and breaches due to attacks by m...
In the information age, the scale and scope of cyber attacks on information systems is on the rise. ...