Effective security safeguard selection process for return on security investment

Hoon Kim Do, Lee Taek, Hoh In

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Over the past few years, a considerable number of studies have been made on the Return on Security Investment (ROSI) in connection with security policy. However, it is necessary to quantity types of projected damages, cyber threats, security safeguards and ROSI, since the size of information system and its investment factors are growing continuously. Accordingly, in this paper, we propose a way of effective security investment for a higher ROSI, focusing on how to efficiently conduct assessment with use of the Analytic Hierarchy Process (AHP)-based Canonical Correlation Analysis (CCA). The CCA is a means of measuring the linear relationship between relevant cyber threats and corresponding security-safeguarding methods. Finally, we illustrate how such analyses can be used for determination of which securitysafeguarding method functions most efficiently, as alternative to the current security investment policy.

Original languageEnglish
Title of host publicationProceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008
Pages668-673
Number of pages6
DOIs
Publication statusPublished - 2008 Dec 1

Fingerprint

Analytic hierarchy process
Information systems

ASJC Scopus subject areas

  • Computer Science Applications
  • Software
  • Electrical and Electronic Engineering

Cite this

Do, H. K., Taek, L., & In, H. (2008). Effective security safeguard selection process for return on security investment. In Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008 (pp. 668-673). [4780750] https://doi.org/10.1109/APSCC.2008.182

Effective security safeguard selection process for return on security investment. / Do, Hoon Kim; Taek, Lee; In, Hoh.

Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008. 2008. p. 668-673 4780750.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Do, HK, Taek, L & In, H 2008, Effective security safeguard selection process for return on security investment. in Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008., 4780750, pp. 668-673. https://doi.org/10.1109/APSCC.2008.182
Do HK, Taek L, In H. Effective security safeguard selection process for return on security investment. In Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008. 2008. p. 668-673. 4780750 https://doi.org/10.1109/APSCC.2008.182
Do, Hoon Kim ; Taek, Lee ; In, Hoh. / Effective security safeguard selection process for return on security investment. Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008. 2008. pp. 668-673
@inproceedings{930d221d086046a598370034b2245837,
title = "Effective security safeguard selection process for return on security investment",
abstract = "Over the past few years, a considerable number of studies have been made on the Return on Security Investment (ROSI) in connection with security policy. However, it is necessary to quantity types of projected damages, cyber threats, security safeguards and ROSI, since the size of information system and its investment factors are growing continuously. Accordingly, in this paper, we propose a way of effective security investment for a higher ROSI, focusing on how to efficiently conduct assessment with use of the Analytic Hierarchy Process (AHP)-based Canonical Correlation Analysis (CCA). The CCA is a means of measuring the linear relationship between relevant cyber threats and corresponding security-safeguarding methods. Finally, we illustrate how such analyses can be used for determination of which securitysafeguarding method functions most efficiently, as alternative to the current security investment policy.",
author = "Do, {Hoon Kim} and Lee Taek and Hoh In",
year = "2008",
month = "12",
day = "1",
doi = "10.1109/APSCC.2008.182",
language = "English",
isbn = "9780769534732",
pages = "668--673",
booktitle = "Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008",

}

TY - GEN

T1 - Effective security safeguard selection process for return on security investment

AU - Do, Hoon Kim

AU - Taek, Lee

AU - In, Hoh

PY - 2008/12/1

Y1 - 2008/12/1

N2 - Over the past few years, a considerable number of studies have been made on the Return on Security Investment (ROSI) in connection with security policy. However, it is necessary to quantity types of projected damages, cyber threats, security safeguards and ROSI, since the size of information system and its investment factors are growing continuously. Accordingly, in this paper, we propose a way of effective security investment for a higher ROSI, focusing on how to efficiently conduct assessment with use of the Analytic Hierarchy Process (AHP)-based Canonical Correlation Analysis (CCA). The CCA is a means of measuring the linear relationship between relevant cyber threats and corresponding security-safeguarding methods. Finally, we illustrate how such analyses can be used for determination of which securitysafeguarding method functions most efficiently, as alternative to the current security investment policy.

AB - Over the past few years, a considerable number of studies have been made on the Return on Security Investment (ROSI) in connection with security policy. However, it is necessary to quantity types of projected damages, cyber threats, security safeguards and ROSI, since the size of information system and its investment factors are growing continuously. Accordingly, in this paper, we propose a way of effective security investment for a higher ROSI, focusing on how to efficiently conduct assessment with use of the Analytic Hierarchy Process (AHP)-based Canonical Correlation Analysis (CCA). The CCA is a means of measuring the linear relationship between relevant cyber threats and corresponding security-safeguarding methods. Finally, we illustrate how such analyses can be used for determination of which securitysafeguarding method functions most efficiently, as alternative to the current security investment policy.

UR - http://www.scopus.com/inward/record.url?scp=67049143088&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=67049143088&partnerID=8YFLogxK

U2 - 10.1109/APSCC.2008.182

DO - 10.1109/APSCC.2008.182

M3 - Conference contribution

AN - SCOPUS:67049143088

SN - 9780769534732

SP - 668

EP - 673

BT - Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008

ER -