Cost-effectiveness of Security Measures: A model-based Framework

Wolter Pieters, Christian W. Probst, Zofia Lukszo, L. Montoya

    Research output: Chapter in Book/Report/Conference proceedingChapterAcademicpeer-review

    9 Citations (Scopus)
    2 Downloads (Pure)


    Recently, cyber security has become an important topic on the agenda of many organisations. It is already widely acknowledged that attacks do happen, and decision makers face the problem of how to respond. As it is almost impossible to secure a complex system completely, it is important to have an adequate estimate of the effectiveness of security measures when making investment decisions. Risk concepts are known in principle, but estimating the effectiveness of countermeasure proves to be difficult and cannot be achieved by qualitative approaches only. In this chapter, we consider the question of how to guarantee cost-effectiveness of security measures. We investigate the possibility of using existing frameworks and tools, the challenges in a security context as opposed to a safety context, and directions for future research.
    Original languageUndefined
    Title of host publicationApproaches and Processes for Managing the Economics of Information Systems
    EditorsTheodosios Tsiakis, Theodorus Kargidis, Panagiotis Katsaros
    Place of PublicationHershey, PA
    PublisherIGI Global
    Number of pages18
    ISBN (Print)978-1-4666-4983-5
    Publication statusPublished - Jan 2014

    Publication series

    PublisherIGI Global


    • SCS-Cybersecurity
    • EC Grant Agreement nr.: FP7/2007-2013
    • EC Grant Agreement nr.: FP7/261696
    • METIS-297693
    • EWI-23426
    • IR-86287
    • EC Grant Agreement nr.: FP7/318003

    Cite this