EAI Endorsed Transactions on e-Learning 17(15): e2

Research Article

Maximizing Security Management Performance and Decisions with the MFC Cyber Security Model: e- learning case study

Download2 downloads
  • @ARTICLE{10.4108/eai.29-11-2017.153389,
        author={N. Rjaibi and L. B. A. Rabai},
        title={Maximizing Security Management Performance and  Decisions with the MFC Cyber Security Model: e- learning case study},
        journal={EAI Endorsed Transactions on e-Learning},
        volume={17},
        number={15},
        publisher={EAI},
        journal_a={EL},
        year={2017},
        month={11},
        keywords={Management, Measurement, Security, Economics, Security Countermeasures, The Return On Investment, Decision Making, e-Business Management.},
        doi={10.4108/eai.29-11-2017.153389}
    }
    
  • N. Rjaibi
    L. B. A. Rabai
    Year: 2017
    Maximizing Security Management Performance and Decisions with the MFC Cyber Security Model: e- learning case study
    EL
    EAI
    DOI: 10.4108/eai.29-11-2017.153389
N. Rjaibi1, L. B. A. Rabai1
  • 1: Institut Supérieur de Gestion de Tunis, Université de Tunis, Bardo 2000 Tunisia

Abstract

The Mean failure Cost (MFC) is a cascade of linear models that quantify security threats by taking into consideration the system’s stakeholders, security requirements, architectural components and threats. This quantitative cyber security model monetizes system’s security in terms of cost which may be lost due to security failure. The lack of quantitative security models in security decision making is a way to discover strengths and uniqueness of the MFC cyber security model. This paper intends to extend this measure into a security risk management model for ultra large systems and to exploit the previously presented MFC model’s characteristics in security decision making relying on a rigorous and quantifiable analysis of financial returns. In fact, we intend to provide a possible solution to security problems using the MFC model in order to set the highest security priorities and choose the suitable countermeasures as well as computing the profitability of the proposed security countermeasures through the Return on Investment (ROI) based on the MFC’s values for each stakeholder. This will lead to monitoring the effectiveness of the proposed security countermeasures, ensuring the best solution choice by saving both time and money and providing a security decision maker with adequate justification to perform his security choice. The practical investigation is to be conducted thought the context of e-learning platforms.