مشخصات مقاله | |
ترجمه عنوان مقاله | چارچوبی برای محاسبه بازده سرمایه گذاری امنیتی(ROSI) برای سازمان های امنیت محور |
عنوان انگلیسی مقاله | Framework for Calculating Return on Security Investment (ROSI) for Security-Oriented Organizations |
انتشار | مقاله سال 2019 |
تعداد صفحات مقاله انگلیسی | 17 صفحه |
هزینه | دانلود مقاله انگلیسی رایگان میباشد. |
پایگاه داده | نشریه الزویر |
نوع نگارش مقاله |
مقاله پژوهشی (Research article) |
مقاله بیس | این مقاله بیس نمیباشد |
نمایه (index) | scopus – master journals – JCR |
نوع مقاله | ISI |
فرمت مقاله انگلیسی | |
ایمپکت فاکتور(IF) |
5.341 در سال 2017 |
شاخص H_index | 85 در سال 2019 |
شاخص SJR | 0.844 در سال 2017 |
شناسه ISSN | 0167-739X |
شاخص Quartile (چارک) | Q1 در سال 2017 |
رشته های مرتبط | مهندسی فناوری اطلاعات – مهندسی کامپیوتر |
گرایش های مرتبط | اینترنت و شبکه های گسترده – تجارت الکترونیک – امنیت اطلاعات |
نوع ارائه مقاله |
ژورنال |
مجله / کنفرانس | سیستم های کامپیوتری نسل آینده – Future Generation Computer Systems |
دانشگاه | National University of Sciences and Technology, Islamabad 44000, Pakistan |
کلمات کلیدی | محاسبات ROSI، امنیت اطلاعات، CVSS، خسارت سالانه، تصمیم گیری های سرمایه گذاری، قضیه بیزی |
کلمات کلیدی انگلیسی | ROSI calculations, CVSS, Information security, Annual loss, Investment decisions, Bayesian theorem |
شناسه دیجیتال – doi |
https://doi.org/10.1016/j.future.2018.12.033 |
کد محصول | E12001 |
وضعیت ترجمه مقاله | ترجمه آماده این مقاله موجود نمیباشد. میتوانید از طریق دکمه پایین سفارش دهید. |
دانلود رایگان مقاله | دانلود رایگان مقاله انگلیسی |
سفارش ترجمه این مقاله | سفارش ترجمه این مقاله |
فهرست مطالب مقاله: |
Outline Highlights Abstract Keywords 1. Introduction 2. Literature review 3. Proposed return on security investment framework 4. Evaluation and analysis 5. Conclusion and future work Acknowledgment References |
بخشی از متن مقاله: |
Abstract Today’s business environment is extremely dynamic and reliant on innovative Information Technology (IT). Such dependence upon technology leads to an increased rate of successful cyber-attacks whose impact is greater than ever. Due to the exponential increase in security breaches, companies should secure their IT systems by adopting appropriate risk management framework. Organizations have to make justified investments in cyber security. However, it is quite challenging to convince higher management to invest in security measures, since such investments cannot be exactly translated into profits. The Return on Security Investment (ROSI) holds great importance to justify such security investments. A large number of ROSI solutions have already been proposed. However, these solutions do not provide any approach to analyze the impact of single security investment upon whole infrastructure. Furthermore, uncertainty of security incident emerges as another important challenge. The existing ROSI frameworks work on approximations, which can be influenced by employees’ exposure and experience, resulting in wrong estimation. The objective of this research is to propose a comprehensive framework to measure ROSI effectively by overcoming gaps in the traditional approaches. The framework has been validated with the help of Common Vulnerability Security System (CVSS) attack dataset. The results show that the annual loss in the absence of security mechanisms is very high i.e. 585,553. However, by following the proposed systematic approach to determine ROSI, it can be reduced to 146,388 which is comparatively low. As a result, organization can save its resources, time, money, trust, and reputation in the market. |