Loading...

Media is loading
 

Paper Type

Complete

Abstract

Malware-related threats continue to pose significant challenges for protecting organizational perimeters. Proposed solutions for defending against malware threats are often devised without considering the socio-technical environment in which they are implemented. This paper argues that by treating malware-related threats as an epidemic, a framework is provided for formulating targeted security controls to prevent and disrupt malware-related attacks. This paper adapts the well-known epidemiology triad into a decision-making and risk-quantification model to assist organizations in formulating security controls. The proposed model can be used to formulate security controls, quantify the probability of a cyber infection, and assess the economic feasibility of the formulated controls. This model constitutes a novel contribution to the knowledge base, demonstrating the potential for fruitful discourse and engagement to co-exist at the boundaries of disciplines.

Paper Number

1395

Comments

SIGSEC

Share

COinS
Top 25 Paper Badge
 
Aug 16th, 12:00 AM

Epidemiology Triad Analysis Guiding Malware Control Expenditure

Malware-related threats continue to pose significant challenges for protecting organizational perimeters. Proposed solutions for defending against malware threats are often devised without considering the socio-technical environment in which they are implemented. This paper argues that by treating malware-related threats as an epidemic, a framework is provided for formulating targeted security controls to prevent and disrupt malware-related attacks. This paper adapts the well-known epidemiology triad into a decision-making and risk-quantification model to assist organizations in formulating security controls. The proposed model can be used to formulate security controls, quantify the probability of a cyber infection, and assess the economic feasibility of the formulated controls. This model constitutes a novel contribution to the knowledge base, demonstrating the potential for fruitful discourse and engagement to co-exist at the boundaries of disciplines.

When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.