Maximizing Security Management Performance and Decisions with the MFC Cyber Security Model: e- learning case study

Abstract: The Mean failure Cost (MFC) is a cascade of linear models that quantify security threats by taking into consideration the system's stakeholders, security requirements, architectural components and threats. This quantitative cyber security model monetizes system's security in terms of cost which may be lost due to security failure. The lack of quantitative security models in security decision making is a way to discover strengths and uniqueness of the MFC cyber security model. This paper intends to extend this … Show more

“…Here in Ethiopia, both private and public sectors are highly dependent on technological solutions (buying more tools and techniques) to protect their information and technological infrastructures. However, since the width and depth of the cyber-attack dimension is growing faster than ever, technology alone can provide some help but will not be a possible solution for the fastest growing cyber-attack scenarios [14,15]. To this end, cybersecurity is well addressed by designing and implementing appropriate sets of governance, management, processes, controls, policies, procedures, and organizational security structures to make sure that security and business objectives are met without having security problems [16][17][18].…”

Investigating Potential Vulnerability of Critical Infrastructure and Way Forward – Recommendations to Enhance Security and Resilience

“…Here in Ethiopia, both private and public sectors are highly dependent on technological solutions (buying more tools and techniques) to protect their information and technological infrastructures. However, since the width and depth of the cyber-attack dimension is growing faster than ever, technology alone can provide some help but will not be a possible solution for the fastest growing cyber-attack scenarios [14,15]. To this end, cybersecurity is well addressed by designing and implementing appropriate sets of governance, management, processes, controls, policies, procedures, and organizational security structures to make sure that security and business objectives are met without having security problems [16][17][18].…”

Investigating Potential Vulnerability of Critical Infrastructure and Way Forward – Recommendations to Enhance Security and Resilience

“…Here in Ethiopia, both private and public sectors are highly dependent on technological solutions (buying more tools and techniques) to protect their information and technological infrastructures. However, since the width and depth of the cyber-attack dimension is growing faster than ever, technology alone can provide some help but will not be a possible solution for the fastest growing cyber-attack scenarios [14,15]. To this end, cybersecurity is well addressed by designing and implementing appropriate sets of governance, management, processes, controls, policies, procedures, and organizational security structures to make sure that security and business objectives are met without having security problems [16,17,18].…”

Investigating Potential Vulnerability of Critical Infrastructure and way forward – recommendations to enhance security and resilience

Functional Specification to Support Security Risk Assessment of Large Systems