Mohamed Noordin Yusuff Marican, Siti Hajar Othman, Ali Selamat, Shukor Abd Razak
{"title":"量化初创科技公司的安全投资回报","authors":"Mohamed Noordin Yusuff Marican, Siti Hajar Othman, Ali Selamat, Shukor Abd Razak","doi":"10.21123/bsj.2023.9077","DOIUrl":null,"url":null,"abstract":"Technology startups are critical to the advancement of digital initiatives in many countries undergoing smart nation agenda. Technology startups are thus vendors and suppliers of services to large organizations such as the government sector, multi-national corporations and financial institutions. As such, startups are fast becoming attack vectors for malicious perpetrators to gain entry via backdoors to large organizations. However, startups remain prudent in their cyber security spending as their north star is revenue generation by delivering their services and minimum viable product (MVP) to their customers. This study proposes an enhanced Return on Security Investment (ROSI) which helps technology startups calculate the return on security investment and justify their budget of cyber security spending. Though there are existing models to calculate the return of investments allocated to cyber security expenditure, they are rather complex and do not give management clarity in terms of the monetary value for cyber security spending. Furthermore, the existing models do not cater to the dynamics and nuances of technology startups. The enhanced model also provides technology startups the ability to appropriately adjust their cyber security investments based on the calculations of the Minimum (Min) and Maximum (Max) ROSI values. The proposed and enhanced ROSI model has been validated by 5 cyber security experts who agreed on the importance and necessity of the model to be applied to technology startups. The results of the case study on a FinTech startup enable the calculation of the Min and Max ROSI to justify the return on security investments and provide the startup with the ability to adjust the cyber security spending accordingly.","PeriodicalId":8687,"journal":{"name":"Baghdad Science Journal","volume":"2017 38","pages":""},"PeriodicalIF":1.2000,"publicationDate":"2023-12-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Quantifying the Return of Security Investments for Technology Startups\",\"authors\":\"Mohamed Noordin Yusuff Marican, Siti Hajar Othman, Ali Selamat, Shukor Abd Razak\",\"doi\":\"10.21123/bsj.2023.9077\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Technology startups are critical to the advancement of digital initiatives in many countries undergoing smart nation agenda. Technology startups are thus vendors and suppliers of services to large organizations such as the government sector, multi-national corporations and financial institutions. As such, startups are fast becoming attack vectors for malicious perpetrators to gain entry via backdoors to large organizations. However, startups remain prudent in their cyber security spending as their north star is revenue generation by delivering their services and minimum viable product (MVP) to their customers. This study proposes an enhanced Return on Security Investment (ROSI) which helps technology startups calculate the return on security investment and justify their budget of cyber security spending. Though there are existing models to calculate the return of investments allocated to cyber security expenditure, they are rather complex and do not give management clarity in terms of the monetary value for cyber security spending. Furthermore, the existing models do not cater to the dynamics and nuances of technology startups. The enhanced model also provides technology startups the ability to appropriately adjust their cyber security investments based on the calculations of the Minimum (Min) and Maximum (Max) ROSI values. The proposed and enhanced ROSI model has been validated by 5 cyber security experts who agreed on the importance and necessity of the model to be applied to technology startups. The results of the case study on a FinTech startup enable the calculation of the Min and Max ROSI to justify the return on security investments and provide the startup with the ability to adjust the cyber security spending accordingly.\",\"PeriodicalId\":8687,\"journal\":{\"name\":\"Baghdad Science Journal\",\"volume\":\"2017 38\",\"pages\":\"\"},\"PeriodicalIF\":1.2000,\"publicationDate\":\"2023-12-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Baghdad Science Journal\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.21123/bsj.2023.9077\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"MULTIDISCIPLINARY SCIENCES\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Baghdad Science Journal","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.21123/bsj.2023.9077","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"MULTIDISCIPLINARY SCIENCES","Score":null,"Total":0}
Quantifying the Return of Security Investments for Technology Startups
Technology startups are critical to the advancement of digital initiatives in many countries undergoing smart nation agenda. Technology startups are thus vendors and suppliers of services to large organizations such as the government sector, multi-national corporations and financial institutions. As such, startups are fast becoming attack vectors for malicious perpetrators to gain entry via backdoors to large organizations. However, startups remain prudent in their cyber security spending as their north star is revenue generation by delivering their services and minimum viable product (MVP) to their customers. This study proposes an enhanced Return on Security Investment (ROSI) which helps technology startups calculate the return on security investment and justify their budget of cyber security spending. Though there are existing models to calculate the return of investments allocated to cyber security expenditure, they are rather complex and do not give management clarity in terms of the monetary value for cyber security spending. Furthermore, the existing models do not cater to the dynamics and nuances of technology startups. The enhanced model also provides technology startups the ability to appropriately adjust their cyber security investments based on the calculations of the Minimum (Min) and Maximum (Max) ROSI values. The proposed and enhanced ROSI model has been validated by 5 cyber security experts who agreed on the importance and necessity of the model to be applied to technology startups. The results of the case study on a FinTech startup enable the calculation of the Min and Max ROSI to justify the return on security investments and provide the startup with the ability to adjust the cyber security spending accordingly.
期刊介绍:
The journal publishes academic and applied papers dealing with recent topics and scientific concepts. Papers considered for publication in biology, chemistry, computer sciences, physics, and mathematics. Accepted papers will be freely downloaded by professors, researchers, instructors, students, and interested workers. ( Open Access) Published Papers are registered and indexed in the universal libraries.