Mathematical Model For Information Security System Effectiveness Evaluation Against Advanced Persistent Threat Attacks

An effective strategy for managing the national information security with capabilities to resist information threats significantly impacts its further development. This study aims to assess the level of threat to the information security of countries based on the integral index. It is proposed to use five indicators characterizing individual areas of information security and 37 world development indicators, selected from the World Bank database. Correlation analysis selected 12 out of 37 development indicators relevant to security indicators for which the correlation coefficient exceeded 0.5 or –0.5. The Harrington-Mencher function is proposed to determine the information security threat index. Nonlinear normalization was carried out to bring the initial data to a comparable measurement. Canonical analysis was performed to determine the indicator weights. The data from 159 countries were taken for 2018 to assess the index. The result was presented on the map showing countries’ distribution by the information security threat index, thus forming five groups. The group with a “very well” resistance to threats includes economically developed countries with a high level of information security. The “well” group was formed by new industrial and developing countries with economic potential sufficient to prevent information threats and combat their consequences. The information security level in developing countries, where the results of overcoming information threats will affect the economic sphere, is defined as “acceptable”. Countries with a low level of development and information security formed groups designated as “bad” and “very bad”, which indicates a high level of threats to their information security. AcknowledgmentThis work is carried out with in the tax payer – funded researches: No. 0118U003574 “Cybersecurity in the banking fraud enforcement: protection of financial service consumers and the financial and economic security growth in Ukraine”.

show abstract

Model to Optimize the Management of Strategic Projects Using Genetic Algorithms in a Public Organization

Izurieta

Toapanta

Morales

et al. 2022

Information

View full text Add to dashboard Cite

Public organizations lack adequate models and methods to efficiently support and manage processes related to information security and IT investments. The objective is to optimize the management of strategic projects planned to improve the information security of a public organization and make efficient use of its available resources. The deductive method and exploratory research were used to review and analyze the available information. A mathematical model resulted that optimizes two objectives: (1) minimizing the costs of the strategic projects to be executed, and (2) maximizing the percentage of improvement in the organization’s information security. According to the result of the simulation, a subset of planned strategic projects was obtained that allows improving the information security of a public organization from 84.64% to 92.20%, considering the budgetary limitations of the organization. It was concluded that the proposed model is efficient, practical and can be a support tool for the IT management of a public organization.

show abstract

Mathematical Model For Information Security System Effectiveness Evaluation Against Advanced Persistent Threat Attacks

Cited by 3 publications

References 8 publications

Systematic Literature Review of Security Control Assessment Challenges

Systematic Literature Review of Security Control Assessment Challenges

Evaluating the threat to national information security

Model to Optimize the Management of Strategic Projects Using Genetic Algorithms in a Public Organization

Contact Info

Product

Resources

About