ISO/IEC 27001-Based Estimation of Cybersecurity Costs with Caspea - Publication - Bridge of Knowledge

Search

ISO/IEC 27001-Based Estimation of Cybersecurity Costs with Caspea

Abstract

In the contemporary, knowledge-based economy, enterprises are forced to bear the costs related to cybersecurity. While breaches negatively affect companies' budgets, accurate decisions on security investments result in visible savings. At the same time, cybersecurity cost assessment methods that support these decisions are lacking. Caspea addresses the gap by enabling the estimation of costs related to personnel activities involved in cybersecurity management. In this paper, new advancements in the research related to the construction of an ISO/IEC 27001-based costing model are described. This includes revising cost centres based on the ISO27k RASCI matrix, minimising input and output data, or implementing a new calculation spreadsheet that contains substantial changes compared to its previous editions. A comparative analysis with the earlier version of Caspea has been performed. The application of the new model to a woodworking company is illustrated. The results show gradual extension and the broader scope of the Caspea framework.

Citations

  • 0

    CrossRef

  • 0

    Web of Science

  • 0

    Scopus

Cite as

Full text

download paper
downloaded 2 times
Publication version
Accepted or Published Version
DOI:
Digital Object Identifier (open in new tab) 10.62036/ISD.2024
License
Creative Commons: CC-BY-NC-ND open in new tab

Keywords

Details

Category:
Conference activity
Type:
publikacja w wydawnictwie zbiorowym recenzowanym (także w materiałach konferencyjnych)
Language:
English
Publication year:
2024
Bibliographic description:
Leszczyna R.: ISO/IEC 27001-Based Estimation of Cybersecurity Costs with Caspea// / : , 2024,
DOI:
Digital Object Identifier (open in new tab) 10.62036/isd.2024
Sources of funding:
  • Free publication
Verified by:
Gdańsk University of Technology

seen 14 times

Recommended for you

Meta Tags