Export Publication

Vitor Basto-Fernandes (2019). Cyber Security Portfolio Selection under Limited Budget Constraints. De Montfort University, Faculty of Computing, Engineering and Media - Software Technology Research Laboratory Seminars.

V. M. Fernandes,  "Cyber Security Portfolio Selection under Limited Budget Constraints", in De Montfort University, Faculty of Computing, Engineering and Media - Software Technology Research Laboratory Seminars, Leicester, 2019

@misc{fernandes2019_1764928583433,
	author = "Vitor Basto-Fernandes",
	title = "Cyber Security Portfolio Selection under Limited Budget Constraints",
	year = "2019",
	howpublished = "Other"
}

TY  - CPAPER
TI  - Cyber Security Portfolio Selection under Limited Budget Constraints
T2  - De Montfort University, Faculty of Computing, Engineering and Media - Software Technology Research Laboratory Seminars
AU  - Vitor Basto-Fernandes
PY  - 2019
CY  - Leicester
AB  - Choosing an optimal investment in information security is an issue most companies face these days. Which security controls to adopt to protect the information infrastructure of a company in the best way ? Selecting a subset of security controls among many available ones can be seen as a resource allocation problem. The choice should be guided by importance of assets to be protected, their vulnerabilities and existing threats that might exploit those vulnerabilities. Moreover, conflicting objectives and constraints need to be considered. In particular, the security of the system should be improved by minimising all existing cyber risks to the most important assets and minimising cost of such protection simultaneously. There might be some limitation or constraints to be considered, such as limited budged or other resources, e.g. human resources. In this work, the security controls subset selection problem is formulated as a portfolio optimization problem well known in financial management. We propose to solve such a problem using existing single and multiobjective optimization approaches.
ER  -