Issue No.01 - January/February (2010 vol.8)
Rainer Böhme , International Computer Science Institute
Tyler Moore , Harvard University
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2010.51
We outline a model for security investment that reflects dynamic interaction between a defender, who faces uncertainty, and an attacker, who repeatedly targets the weakest link. Using the model, we derive and compare optimal security investment over multiple periods, exploring the delicate balance between proactive and reactive security investment.
economics, security, optimal security investment under uncertainty, ROSI
Rainer Böhme, Tyler Moore, "The Iterated Weakest Link", IEEE Security & Privacy, vol.8, no. 1, pp. 53-55, January/February 2010, doi:10.1109/MSP.2010.51