{"id":"https://openalex.org/W3213237428","doi":"https://doi.org/10.1080/00207543.2021.1994166","title":"A rough cut cybersecurity investment using portfolio of security controls with maximum cybersecurity value","display_name":"A rough cut cybersecurity investment using portfolio of security controls with maximum cybersecurity value","publication_year":2021,"publication_date":"2021-11-05","ids":{"openalex":"https://openalex.org/W3213237428","doi":"https://doi.org/10.1080/00207543.2021.1994166","mag":"3213237428"},"language":"en","primary_location":{"id":"doi:10.1080/00207543.2021.1994166","is_oa":false,"landing_page_url":"https://doi.org/10.1080/00207543.2021.1994166","pdf_url":null,"source":{"id":"https://openalex.org/S65690446","display_name":"International Journal of Production Research","issn_l":"0020-7543","issn":["0020-7543","1366-588X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320547","host_organization_name":"Taylor & Francis","host_organization_lineage":["https://openalex.org/P4310320547"],"host_organization_lineage_names":["Taylor & Francis"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Production Research","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5021173153","display_name":"Tadeusz Sawik","orcid":"https://orcid.org/0000-0002-6054-550X"},"institutions":[{"id":"https://openalex.org/I123185442","display_name":"Reykjav\u00edk University","ror":"https://ror.org/05d2kyx68","country_code":"IS","type":"education","lineage":["https://openalex.org/I123185442"]},{"id":"https://openalex.org/I686019","display_name":"AGH University of Krakow","ror":"https://ror.org/00bas1c41","country_code":"PL","type":"education","lineage":["https://openalex.org/I686019"]}],"countries":["IS","PL"],"is_corresponding":true,"raw_author_name":"Tadeusz Sawik","raw_affiliation_strings":["Department of Engineering, Reykjavik University, Reykjavik, Iceland","Department of Operations Research, AGH University of Science & Technology, Krak\u00f3w, Poland"],"affiliations":[{"raw_affiliation_string":"Department of Engineering, Reykjavik University, Reykjavik, Iceland","institution_ids":["https://openalex.org/I123185442"]},{"raw_affiliation_string":"Department of Operations Research, AGH University of Science & Technology, Krak\u00f3w, Poland","institution_ids":["https://openalex.org/I686019"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5044289866","display_name":"Bartosz Sawik","orcid":"https://orcid.org/0000-0001-5748-3961"},"institutions":[{"id":"https://openalex.org/I175051016","display_name":"Universidad Publica de Navarra","ror":"https://ror.org/02z0cah89","country_code":"ES","type":"education","lineage":["https://openalex.org/I175051016"]},{"id":"https://openalex.org/I686019","display_name":"AGH University of Krakow","ror":"https://ror.org/00bas1c41","country_code":"PL","type":"education","lineage":["https://openalex.org/I686019"]},{"id":"https://openalex.org/I95457486","display_name":"University of California, Berkeley","ror":"https://ror.org/01an7q238","country_code":"US","type":"education","lineage":["https://openalex.org/I95457486"]}],"countries":["ES","PL","US"],"is_corresponding":false,"raw_author_name":"Bartosz Sawik","raw_affiliation_strings":["Department of Business Informatics and Engineering Management, AGH University of Science & Technology, Krak\u00f3w, Poland","Department of Statistics, Computer Science and Mathematics, Public University of Navarre, Pamplona, Spain","Haas School of Business, University of California, Berkeley, USA"],"affiliations":[{"raw_affiliation_string":"Department of Business Informatics and Engineering Management, AGH University of Science & Technology, Krak\u00f3w, Poland","institution_ids":["https://openalex.org/I686019"]},{"raw_affiliation_string":"Department of Statistics, Computer Science and Mathematics, Public University of Navarre, Pamplona, Spain","institution_ids":["https://openalex.org/I175051016"]},{"raw_affiliation_string":"Haas School of Business, University of California, Berkeley, USA","institution_ids":["https://openalex.org/I95457486"]}]}],"institutions":[],"countries_distinct_count":4,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5021173153"],"corresponding_institution_ids":["https://openalex.org/I123185442","https://openalex.org/I686019"],"apc_list":null,"apc_paid":null,"fwci":6.8105,"has_fulltext":false,"cited_by_count":29,"citation_normalized_percentile":{"value":0.96896479,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":"60","issue":"21","first_page":"6556","last_page":"6572"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.996399998664856,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9940999746322632,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7592992782592773},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.721657395362854},{"id":"https://openalex.org/keywords/portfolio","display_name":"Portfolio","score":0.6272794008255005},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5605587959289551},{"id":"https://openalex.org/keywords/value","display_name":"Value (mathematics)","score":0.5301024913787842},{"id":"https://openalex.org/keywords/investment","display_name":"Investment (military)","score":0.45602911710739136},{"id":"https://openalex.org/keywords/bellman-equation","display_name":"Bellman equation","score":0.4553937315940857},{"id":"https://openalex.org/keywords/critical-infrastructure","display_name":"Critical infrastructure","score":0.41794553399086},{"id":"https://openalex.org/keywords/operations-research","display_name":"Operations research","score":0.3391430974006653},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.19924286007881165},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.1901777684688568},{"id":"https://openalex.org/keywords/mathematical-optimization","display_name":"Mathematical optimization","score":0.18812623620033264},{"id":"https://openalex.org/keywords/finance","display_name":"Finance","score":0.15598109364509583},{"id":"https://openalex.org/keywords/law","display_name":"Law","score":0.14656981825828552},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.13212093710899353}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7592992782592773},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.721657395362854},{"id":"https://openalex.org/C2780821815","wikidata":"https://www.wikidata.org/wiki/Q5340806","display_name":"Portfolio","level":2,"score":0.6272794008255005},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5605587959289551},{"id":"https://openalex.org/C2776291640","wikidata":"https://www.wikidata.org/wiki/Q2912517","display_name":"Value (mathematics)","level":2,"score":0.5301024913787842},{"id":"https://openalex.org/C27548731","wikidata":"https://www.wikidata.org/wiki/Q88272","display_name":"Investment (military)","level":3,"score":0.45602911710739136},{"id":"https://openalex.org/C14646407","wikidata":"https://www.wikidata.org/wiki/Q1430750","display_name":"Bellman equation","level":2,"score":0.4553937315940857},{"id":"https://openalex.org/C29852176","wikidata":"https://www.wikidata.org/wiki/Q373338","display_name":"Critical infrastructure","level":2,"score":0.41794553399086},{"id":"https://openalex.org/C42475967","wikidata":"https://www.wikidata.org/wiki/Q194292","display_name":"Operations research","level":1,"score":0.3391430974006653},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.19924286007881165},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.1901777684688568},{"id":"https://openalex.org/C126255220","wikidata":"https://www.wikidata.org/wiki/Q141495","display_name":"Mathematical optimization","level":1,"score":0.18812623620033264},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.15598109364509583},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.14656981825828552},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.13212093710899353},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.0},{"id":"https://openalex.org/C94625758","wikidata":"https://www.wikidata.org/wiki/Q7163","display_name":"Politics","level":2,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1080/00207543.2021.1994166","is_oa":false,"landing_page_url":"https://doi.org/10.1080/00207543.2021.1994166","pdf_url":null,"source":{"id":"https://openalex.org/S65690446","display_name":"International Journal of Production Research","issn_l":"0020-7543","issn":["0020-7543","1366-588X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320547","host_organization_name":"Taylor & Francis","host_organization_lineage":["https://openalex.org/P4310320547"],"host_organization_lineage_names":["Taylor & Francis"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Production Research","raw_type":"journal-article"},{"id":"pmh:oai:RePEc:taf:tprsxx:v:60:y:2022:i:21:p:6556-6572","is_oa":false,"landing_page_url":"http://hdl.handle.net/10.1080/00207543.2021.1994166","pdf_url":null,"source":{"id":"https://openalex.org/S4306401271","display_name":"RePEc: Research Papers in Economics","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I77793887","host_organization_name":"Federal Reserve Bank of St. Louis","host_organization_lineage":["https://openalex.org/I77793887"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":30,"referenced_works":["https://openalex.org/W207108456","https://openalex.org/W1458884706","https://openalex.org/W1925725102","https://openalex.org/W2056075452","https://openalex.org/W2059209509","https://openalex.org/W2062460331","https://openalex.org/W2063544705","https://openalex.org/W2085585817","https://openalex.org/W2090712745","https://openalex.org/W2143174928","https://openalex.org/W2508605860","https://openalex.org/W2554375650","https://openalex.org/W2567289819","https://openalex.org/W2731529204","https://openalex.org/W2771049934","https://openalex.org/W2943011553","https://openalex.org/W2948780215","https://openalex.org/W2964769731","https://openalex.org/W2972705049","https://openalex.org/W2990292214","https://openalex.org/W3005216181","https://openalex.org/W3033647046","https://openalex.org/W3080335147","https://openalex.org/W3082111313","https://openalex.org/W3088835138","https://openalex.org/W3094261776","https://openalex.org/W3110983522","https://openalex.org/W3121817445","https://openalex.org/W3154210923","https://openalex.org/W3162486746"],"related_works":["https://openalex.org/W2963077982","https://openalex.org/W2184280487","https://openalex.org/W4313317452","https://openalex.org/W3108402314","https://openalex.org/W4230475103","https://openalex.org/W2897362009","https://openalex.org/W4297199789","https://openalex.org/W2110620629","https://openalex.org/W2380314794","https://openalex.org/W3194979686"],"abstract_inverted_index":{"This":[0,148],"paper":[1],"deals":[2],"with":[3,136,157],"optimisation":[4,98],"of":[5,19,26,45,51,69,74,83,89,114,133,154,172],"cybersecurity":[6,46,49,72,112,139,146,160],"investment":[7],"in":[8,33,86],"supply":[9],"chains":[10],"using":[11],"stochastic":[12],"programming":[13],"approach.":[14],"A":[15,95],"classical":[16],"exponential":[17],"function":[18],"breach":[20],"probability":[21],"and":[22,37,141,168],"the":[23,43,57,121,131,163,170],"intuitive":[24],"idea":[25],"\u2018the":[27],"expected":[28],"net":[29],"benefits\u2019,":[30],"originally":[31],"presented":[32],"2002":[34],"by":[35,60],"Gordon":[36],"Loeb,":[38],"were":[39],"applied":[40],"to":[41,65,109,120,128],"introduce":[42],"concept":[44],"value.":[47],"The":[48,71,117],"value":[50,58,73,113,140,161],"security":[52,134,155,166],"control":[53,64,76,115],"is":[54,107],"defined":[55],"as":[56,80],"gained":[59],"implementing":[61],"a":[62,67,75,81,90,125,143],"single":[63],"secure":[66],"subset":[68],"components.":[70],"can":[77],"be":[78],"seen":[79],"measure":[82],"its":[84],"efficiency":[85],"reducing":[87],"vulnerability":[88],"secured":[91],"system":[92],"or":[93],"component.":[94],"mixed":[96],"binary":[97,105,122],"problem,":[99],"next":[100],"transformed":[101],"into":[102],"an":[103],"unconstrained":[104],"program":[106,123],"developed":[108],"maximise":[110],"total":[111,138,159],"portfolio.":[116],"optimal":[118],"solution":[119],"provides":[124],"simple":[126],"formula":[127],"immediately":[129],"obtain":[130],"portfolio":[132,153],"controls":[135,156],"maximum":[137,158],"determine":[142],"rough":[144],"cut":[145],"investment.":[147],"study":[149],"also":[150],"shows":[151],"that":[152],"reduces":[162],"losses":[164],"from":[165],"breaches":[167],"mitigate":[169],"impact":[171],"cyber":[173],"risk.":[174]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":9},{"year":2023,"cited_by_count":8},{"year":2022,"cited_by_count":6},{"year":2021,"cited_by_count":1}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}