Effective security safeguard selection process for return on security investment

Hoon Kim Do; Lee Taek; Peter In Hoh

doi:10.1109/APSCC.2008.182

Effective security safeguard selection process for return on security investment

Hoon Kim Do, Lee Taek, Peter In Hoh

Department of Computer Science and Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

Abstract

Over the past few years, a considerable number of studies have been made on the Return on Security Investment (ROSI) in connection with security policy. However, it is necessary to quantity types of projected damages, cyber threats, security safeguards and ROSI, since the size of information system and its investment factors are growing continuously. Accordingly, in this paper, we propose a way of effective security investment for a higher ROSI, focusing on how to efficiently conduct assessment with use of the Analytic Hierarchy Process (AHP)-based Canonical Correlation Analysis (CCA). The CCA is a means of measuring the linear relationship between relevant cyber threats and corresponding security-safeguarding methods. Finally, we illustrate how such analyses can be used for determination of which securitysafeguarding method functions most efficiently, as alternative to the current security investment policy.

Original language	English
Title of host publication	Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008
Publisher	IEEE Computer Society
Pages	668-673
Number of pages	6
ISBN (Print)	9780769534732
DOIs	https://doi.org/10.1109/APSCC.2008.182
Publication status	Published - 2008
Event	3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008 - Yilan, Taiwan, Province of China Duration: 2008 Dec 9 → 2008 Dec 12

Publication series

Name	Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008

Conference

Conference	3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008
Country/Territory	Taiwan, Province of China
City	Yilan
Period	08/12/9 → 08/12/12

ASJC Scopus subject areas

Computer Science Applications
Software
Electrical and Electronic Engineering

Access to Document

10.1109/APSCC.2008.182

Cite this

Do, H. K., Taek, L., & Hoh, P. I. (2008). Effective security safeguard selection process for return on security investment. In Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008 (pp. 668-673). [4780750] (Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008). IEEE Computer Society. https://doi.org/10.1109/APSCC.2008.182

Effective security safeguard selection process for return on security investment. / Do, Hoon Kim; Taek, Lee; Hoh, Peter In.
Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008. IEEE Computer Society, 2008. p. 668-673 4780750 (Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Do, HK, Taek, L & Hoh, PI 2008, Effective security safeguard selection process for return on security investment. in Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008., 4780750, Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008, IEEE Computer Society, pp. 668-673, 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008, Yilan, Taiwan, Province of China, 08/12/9. https://doi.org/10.1109/APSCC.2008.182

@inproceedings{930d221d086046a598370034b2245837,

title = "Effective security safeguard selection process for return on security investment",

abstract = "Over the past few years, a considerable number of studies have been made on the Return on Security Investment (ROSI) in connection with security policy. However, it is necessary to quantity types of projected damages, cyber threats, security safeguards and ROSI, since the size of information system and its investment factors are growing continuously. Accordingly, in this paper, we propose a way of effective security investment for a higher ROSI, focusing on how to efficiently conduct assessment with use of the Analytic Hierarchy Process (AHP)-based Canonical Correlation Analysis (CCA). The CCA is a means of measuring the linear relationship between relevant cyber threats and corresponding security-safeguarding methods. Finally, we illustrate how such analyses can be used for determination of which securitysafeguarding method functions most efficiently, as alternative to the current security investment policy.",

author = "Do, {Hoon Kim} and Lee Taek and Hoh, {Peter In}",

year = "2008",

doi = "10.1109/APSCC.2008.182",

language = "English",

isbn = "9780769534732",

series = "Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008",

publisher = "IEEE Computer Society",

pages = "668--673",

booktitle = "Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008",

note = "3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008 ; Conference date: 09-12-2008 Through 12-12-2008",

}

TY - GEN

T1 - Effective security safeguard selection process for return on security investment

AU - Do, Hoon Kim

AU - Taek, Lee

AU - Hoh, Peter In

PY - 2008

Y1 - 2008

N2 - Over the past few years, a considerable number of studies have been made on the Return on Security Investment (ROSI) in connection with security policy. However, it is necessary to quantity types of projected damages, cyber threats, security safeguards and ROSI, since the size of information system and its investment factors are growing continuously. Accordingly, in this paper, we propose a way of effective security investment for a higher ROSI, focusing on how to efficiently conduct assessment with use of the Analytic Hierarchy Process (AHP)-based Canonical Correlation Analysis (CCA). The CCA is a means of measuring the linear relationship between relevant cyber threats and corresponding security-safeguarding methods. Finally, we illustrate how such analyses can be used for determination of which securitysafeguarding method functions most efficiently, as alternative to the current security investment policy.

AB - Over the past few years, a considerable number of studies have been made on the Return on Security Investment (ROSI) in connection with security policy. However, it is necessary to quantity types of projected damages, cyber threats, security safeguards and ROSI, since the size of information system and its investment factors are growing continuously. Accordingly, in this paper, we propose a way of effective security investment for a higher ROSI, focusing on how to efficiently conduct assessment with use of the Analytic Hierarchy Process (AHP)-based Canonical Correlation Analysis (CCA). The CCA is a means of measuring the linear relationship between relevant cyber threats and corresponding security-safeguarding methods. Finally, we illustrate how such analyses can be used for determination of which securitysafeguarding method functions most efficiently, as alternative to the current security investment policy.

UR - http://www.scopus.com/inward/record.url?scp=67049143088&partnerID=8YFLogxK

U2 - 10.1109/APSCC.2008.182

DO - 10.1109/APSCC.2008.182

M3 - Conference contribution

AN - SCOPUS:67049143088

SN - 9780769534732

T3 - Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008

SP - 668

EP - 673

BT - Proceedings of the 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008

PB - IEEE Computer Society

T2 - 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008

Y2 - 9 December 2008 through 12 December 2008

ER -

Effective security safeguard selection process for return on security investment

Abstract

Publication series

Conference

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this