Organizational computing devices are increasingly becoming targets of cyber-attacks, and organizations have become dependent on the safety and security of their computer networks and their organizational computing devices. Business and government often use defense in-depth information assurance measures such as firewalls, intrusion detection systems, and password procedures across their enterprises to plan strategically and manage IT security risks. This quantitative study explores whether the analytical hierarchy process (AHP) model can be effectively applied to the prioritization of information assurance defense in-depth measures. In response to these threats, the President, legislators, experts, and others have characterized cyber security as a pressing national security issue. The methods used in this study consisted of emailing study participants a survey requesting that they prioritize five defense in-depth information assurance measures, anti-virus, intrusion detection, password, smart-cards, and encryption, with a range of responses from 1 -5 using a Likert scale to consider standard cost, effectiveness, and perceived ease of use in terms of protection of organizational computing devices. The measures were then weighted, based on ranking. A pair-wise comparison of each of the five measures is then made using AHP to determine whether the Likert scale and the AHP model could be effectively applied to the prioritization of information assurance measures to protect organizational computing devices. The findings of the research reject the H 0 null hypothesis that AHP does not affect the relationship between the information technology analysts' prioritization of five defense in-depth dependent variables and the independent variables of cost, ease of use, and effectiveness in protecting organizational devices against cyber-attacks.
Society is becoming increasingly dependent on cyberspace for both business and pleasure. Cyber attackers continue to attack organizational computer networks, as those same computer networks become increasing critical to organizational business process. Strategic planning and managing IT security risks play an important role in the business and government planning process. Deploying defense in depth security measures can ensure that organizations continue to function in times of crisis. This quantitative study explores whether the Latin Square Design (LSD) model can be effectively applied to the prioritization of cybersecurity threats and to the linking of information assurance defense in-depth measures to those threats. The methods used in this study consisted of scanning 10 Cybersecurity Websites such as the Department of Homeland Security US CERT (United States-Computer Emergency Readiness Team [1]) and the SANS Institute (SysAdmin, Audit, Network and Security [2]) using the Likert Scale Model for the Website's top ten list of cyber threats facing organizations and the network defense in depth measures to fight those threats. A comparison of each cybersecurity threats was then made using LSD to determine whether the Likert scale and the LSD model could be effectively applied to prioritize information assurance measures to protect organizational computing devices. The findings of the research reject the H 0 null hypothesis that LSD does not affect the relationship between the ranking of 10 Cybersecurity websites top ten cybersecurity threats dependent variables and the independent variables of defense in depth measures used in protecting organizational devices against cyber-attacks.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.