NIST proposes model to assess cybersecurity investment strategies in network security

NIST and university researchers have proposed a new computational model for assessing cybersecurity costs in network protection.

The larger the network, the more opportunities there may be for threat actors to infiltrate, cause damage, or conduct theft. 

Today’s corporate networks often provide a vast attack surface including Internet of Things (IoT) devices, mobile products, remote work tools, on-prem and off-prem services, and cloud systems. 

It may be a challenge for businesses to work out what the most important areas are in terms of cybersecurity investment, but a new computational model could take out some of the guesswork. 

Authored by US National Institute of Standards and Technology (NIST) researchers Van Sy Mai, Richard La, and Abdella Battou, a new paper published in IEEE/ACM Transactions on Networking, titled “Optimal Cybersecurity Investments in Large Networks Using SIS Model: Algorithm Design,” proposes “a way to determine optimum investments needed to minimize the costs of securing these networks, providing recovery from infections and repairing their damage.”

The algorithm was designed with pandemic and disease tracking as inspiration. Viruses can spread through a population with no immunity through social contact and digital viruses can also spread through networks and points of system-to-system contact if no protection is

Read More: