Cyber-attacks have globally escalated by 125% after the onset of the pandemic as businesses transitioned to online work setups. These cybercrimes incur significant costs. Consequently, organizations are giving heightened priority to cybersecurity investments, integrating them into their strategic decision-making. However, due to limited resources, a judicious approach is necessary, focusing on selective investment in effective mitigation strategies. This study addresses the challenge of optimally allocating investments among diverse cybersecurity measures to enhance cybersecurity efficacy while minimizing the risk of cyberattacks. Specifically, the study aims to anticipate potential losses based on breach likelihood and determine the optimal investment levels. The study employs a combination of machine learning (ML) and linear programming (LP) to determine suitable mitigation strategies for investment, considering constrained monetary resources. ML techniques, including Naïve Bayes and Decision Tree, assess breach likelihood and consequent losses. Subsequently, LP is employed to ascertain the most effective allocation of investments across different cybersecurity mitigation strategies, considering the constraints of monetary resources.
Jain, Swati and Mukhopadhyay, Arunabha, "Optimization of Investments in Cybersecurity: A Linear Programming Approach" (2023). WISP 2023 Proceedings. 8.