Comunicação em evento científico
Cyber Security Portfolio Selection under Limited Budget Constraints
Vitor Basto-Fernandes (Vitor Basto-Fernandes);
Título Evento
De Montfort University, Faculty of Computing, Engineering and Media - Software Technology Research Laboratory Seminars
Reino Unido
Mais Informação
Choosing an optimal investment in information security is an issue most companies face these days. Which security controls to adopt to protect the information infrastructure of a company in the best way ? Selecting a subset of security controls among many available ones can be seen as a resource allocation problem. The choice should be guided by importance of assets to be protected, their vulnerabilities and existing threats that might exploit those vulnerabilities. Moreover, conflicting objectives and constraints need to be considered. In particular, the security of the system should be improved by minimising all existing cyber risks to the most important assets and minimising cost of such protection simultaneously. There might be some limitation or constraints to be considered, such as limited budged or other resources, e.g. human resources. In this work, the security controls subset selection problem is formulated as a portfolio optimization problem well known in financial management. We propose to solve such a problem using existing single and multiobjective optimization approaches.
Cyber Security,Portfolio Selection,Optimization
  • Ciências da Computação e da Informação - Ciências Naturais

Com o objetivo de aumentar a investigação direcionada para o cumprimento dos Objetivos do Desenvolvimento Sustentável para 2030 das Nações Unidas, é disponibilizada no Ciência-IUL a possibilidade de associação, quando aplicável, dos artigos científicos aos Objetivos do Desenvolvimento Sustentável. Estes são os Objetivos do Desenvolvimento Sustentável identificados pelo(s) autor(es) para esta publicação. Para uma informação detalhada dos Objetivos do Desenvolvimento Sustentável, clique aqui.