Selection of Cybersecurity Safequards Portfolio

Tadeusz Sawik

Chapter 15 in Supply Chain Disruption Management, 2020, pp 427-448 from Springer

Abstract: This chapter deals with the optimal selection of countermeasures in IT security planning to prevent or mitigate cyber-threats, and a stochastic MIP approach is proposed for the decision-making. Given a set of potential threats and a set of available countermeasures, the decision maker needs to decide which countermeasures to implement under a limited budget to minimize potential losses from successful cyber-attacks and mitigate the impact of disruptions caused by IT security incidents. The selection of countermeasures is based on their effectiveness in blocking different threats, their implementation costs and the probability of potential attack scenarios. The problem is formulated as a single- or bi-objective stochastic mixed integer program, and a conditional value-at-risk approach combined with scenario-based analysis is applied to control the risk of high losses due to operational disruptions and to optimize the worst-case performance of an IT system. The bi-objective trade-off model provides the decision maker with a simple tool for balancing expected and worst-case losses and for shaping the resulting cost distribution through the selection of an optimal subset of countermeasures for implementation, i.e., the selection of an optimal countermeasure portfolio. The selected portfolio explicitly depends on the preferred confidence level and the cost/risk preference of the decision maker. Numerical examples are presented and some computational results are reported to compare the risk-averse solutions that minimize conditional value-at-risk with the risk-neutral ones that minimize expected cost. The major managerial insights are provided at the end of this chapter.

Date: 2020

Related works:
Chapter: Selection of Cybersecurity Safequards Portfolio (2018)

Persistent link: https://EconPapers.repec.org/RePEc:spr:isochp:978-3-030-44814-1_15

Ordering information: This item can be ordered from
http://www.springer.com/9783030448141

DOI: 10.1007/978-3-030-44814-1_15

More chapters in International Series in Operations Research & Management Science from Springer
Bibliographic data for series maintained by Sonal Shukla and Springer Nature Abstracting and Indexing.

 
Page updated 2025-04-01
Handle: RePEc:spr:isochp:978-3-030-44814-1_15