Abstract
Decision on how much resources should be invested to curb information security threat at a specific risk level is contingent upon multiple criteria, some of which must be represented by linguistic variables. This paper aims to provide theoretical justifications for the various criteria and the need to use a fuzzy-logic based tool for their selection and classification.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Lee, V.C.S., Shao, L.: A Fuzzy Regression Inference design for optimal investment on enterprise information security ISDA 2003 (2003) (submitted to)
CERT/CC statistics (1988-2002), http://www.cert.org/stats/cert_stats.html
Report of Internet, Technology and Telecommunications, Internet research of Morgan Stanley (August. 2002)
CIO magazine survey report, Security Spending: how much is enough (September 2002)
Briney, A.: Report of Information Security Survey (September 2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lee, V.C.S. (2003). A Fuzzy Multi-criteria Decision Model for Information System Security Investment. In: Liu, J., Cheung, Ym., Yin, H. (eds) Intelligent Data Engineering and Automated Learning. IDEAL 2003. Lecture Notes in Computer Science, vol 2690. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45080-1_58
Download citation
DOI: https://doi.org/10.1007/978-3-540-45080-1_58
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40550-4
Online ISBN: 978-3-540-45080-1
eBook Packages: Springer Book Archive