论文信息 - FORECASTING CYBER MAINTENANCE COSTS WITH IMPROVED SCAN ANALYTICS USING SIMULATION

FORECASTING CYBER MAINTENANCE COSTS WITH IMPROVED SCAN ANALYTICS USING SIMULATION

This article proposes a discrete event simulation model of an organization that maintains computer hosts and incurs several millions of dollars in maintenance and incident response costs. The common maintenance policy is referred to as "out-of-sight is out-of-mind" (OSOM) because the majority of hosts are absent from scans and ignored. Hosts are "dark" (absent) because they are not accessible (turned off or with restricted permissions). The proposed model is used to compare OSOM with alternatives including improved analytics that make dark host vulnerabilities visible. Findings clarify the apparent benefits of OSOM unless indirect costs for intrusions or improved policies are applied. Also, benefits from using Windows operating systems and improved policies are clarified including millions in expected savings (vs. Linux).

Theodore T. Allen | Enhao Liu

[1] Averill M. Law,et al. Simulation Modeling & Analysis , 1991 .

[2] Theodore T. Allen,et al. Control charting methods for autocorrelated cyber vulnerability data , 2016 .

[3] Adam Gauci,et al. Addressing the challenge of cyber security maintenance through patch management , 2017 .

[4] David Woods,et al. An Initial Comparison of Selected Models of System Resilience , 2016 .

[5] Theodore T. Allen,et al. Using focus group data to set new product prices , 2004 .

[6] Theodore T. Allen. Introduction to Discrete Event Simulation and Agent-based Modeling: Voting Systems, Health Care, Military, and Manufacturing , 2011 .

[7] Theodore T. Allen,et al. Data-Driven Cyber-Vulnerability Maintenance Policies , 2014 .

[8] Theodore T. Allen,et al. Mitigating Voter Waiting Times , 2006 .

[9] Theodore T. Allen,et al. An experimental design criterion for minimizing meta‐model prediction errors applied to die casting process design , 2003 .