Summary

Abstract

The final chapter illustrates the key aspects for finding the best safeguard and making an adequate cybersecurity investment in an aggregated way. Thereby, a structured orientation is combined with important aspects for creating and handling related decisions. In the first section, the prerequisite knowledge for preparing and performing a decision making process in cybersecurity is specified. With multiple references to previous chapters, background information from other passages of the book can quickly be found. Among other things, cybersecurity principles, safeguard types, financial indicators, risk management approaches, and decision making techniques are summarized. The second section outlines the activities from the decision making process and illustrates different options while walking through the process. Hereby, the decision maker is supported in choosing the best mix of techniques, standards and best practices in order to make the process as sophisticated or simple as it shall be. In the third section, a checklist is provided. It can be used as a walk-through guidance for the whole lifecycle of cybersecurity investments. With relevant questions for every step of the lifecycle, it can be ensured that nothing will be overlooked in the practical application.