The main purpose of this paper is to offer a data-driven approach to assess cyber risk and to ensure appropriate confidentiality, integrity, and availability. A study presents the decision hierarchical model of cyber security risk assessment based on AHP methodology and describes a quantitative measure for evaluating and ranking security incidents. It can be used to conduct cost-benefit analysis, design and optimize cybersecurity in the systems.
- Biener, C. ,M. Eling, and J. H. Wirfs, ―Insurability of cyber risk: an empirical analysis,‖ The Geneva Papers on Risk and Insurance—Issues and Practice, vol. 40, no. 1, pp. 131–158, 2015.
- Ishizaka A., P. Nemery, Multi-criteria decision analysis methods and software, Chichester: John Wiley and Sons, (2013).
- Mardani A., A. Jusoh, K. Nor, Z. Khalifah, N. Zakwan, A. Valipour, Multiple criteria decision-making techniques and their applications – a review of the literature from 2000 to 2014, Economic Research-Ekonomska Istraživanja, 2015.
- Muhammad N., N. Cavus. Fuzzy DEMATEL method for identifying LMS evaluation criteria. 9th International Conference on Theory and application of Soft Computing, Computing with Words and Perception, 2017.
- Naumov S. and I. Kabanov, ―Dynamic framework for assessing cyber security risks in a changing environment,‖ in Proceedings of the 2016 International Conference on Information Science and Communications Technologies (ICISCT), pp. 1–4, Tashkent, Uzbekistan, November 2016.
- Petrova V., Using the Analytic Hierarchy Process for LMS selection, CompSysTech '19: 20th International Conference on Computer Systems and Technologies, June 2019, Ruse, Bulgaria, Pages 332–336, ISBN: 978-1-4503-7149-0.
- Rot, A., ―IT risk assessment: quantitative and qualitative approach,‖ in Proceedings of the World Congress on Engineering and Computer Science 2008 (WCECS 2008), San Francisco, CA, USA, October 2008.
- Saaty, T.L., 1980. The Analytic Hierarchy Process. McGraw-Hill, New York.
- Saaty T., Theory and Applications of the Analytic Network Process, RWS Publications, 2005.
- Saaty T., L. Vargas, Models, methods, concepts, and application of the analytic hierarchy process, New York: Springer, 2012.
- Sum, R., Risk Prioritisation Using The Analytic Hierarchy Process. Innovation and Analytics Conference and Exhibition (IACE 2015)AIP Conf. Proc. 1691, 030028-1–030028-8; doi: 10.1063/1.4937047
- Ugur Aksu M., M. Hadi Dilek, E. Islam Tatli et al., ―A quantitative CVSS-based cyber security risk assessment methodology for IT systems,‖ in Proceedings of the 2017 International Carnahan Conference on Security Technology, pp. 1– 8, ICCST, Madrid, Spain, October 2017.