In this study we present a simulation optimization (SO) approach based on direct search methods applied to cyber security. The problem consists in investigating if and when human resources (i.e. analysts) in a company should i) work alone or ii) in consultation with teammates when responding to different attack rates and types targeting a predefined set of company cyber assets. The objective of the study is to evaluate overall attack tolerance with respect to system performance degradation and both resource training and knowledge gain. Numerical examples and experiments related to resource assignment and team formation are presented to show how the SO model can support company managers when grappling with a very common decision: “make or buy” cyber security know how.
A simulation optimization based approach for team building in cyber security
LEGATO Pasquale;MAZZA Rina Mary
2016-01-01
Abstract
In this study we present a simulation optimization (SO) approach based on direct search methods applied to cyber security. The problem consists in investigating if and when human resources (i.e. analysts) in a company should i) work alone or ii) in consultation with teammates when responding to different attack rates and types targeting a predefined set of company cyber assets. The objective of the study is to evaluate overall attack tolerance with respect to system performance degradation and both resource training and knowledge gain. Numerical examples and experiments related to resource assignment and team formation are presented to show how the SO model can support company managers when grappling with a very common decision: “make or buy” cyber security know how.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.