Quantifying the Return of Security Investments for Technology Startups
Technology startups are critical to the advancement of digital initiatives in many countries undergoing smart nation agenda. Technology startups are thus vendors and suppliers of services to large organizations such as the government sector, multi-national corporations and financial institutions. A...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
University of Baghdad, College of Science for Women
2024-07-01
|
| Series: | مجلة بغداد للعلوم |
| Subjects: | |
| Online Access: | https://bsj.uobaghdad.edu.iq/index.php/BSJ/article/view/9077 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849697534172200960 |
|---|---|
| author | Mohamed Noordin Yusuff Marican Siti Hajar Othman Ali Selamat Shukor Abd Razak |
| author_facet | Mohamed Noordin Yusuff Marican Siti Hajar Othman Ali Selamat Shukor Abd Razak |
| author_sort | Mohamed Noordin Yusuff Marican |
| collection | DOAJ |
| description |
Technology startups are critical to the advancement of digital initiatives in many countries undergoing smart nation agenda. Technology startups are thus vendors and suppliers of services to large organizations such as the government sector, multi-national corporations and financial institutions. As such, startups are fast becoming attack vectors for malicious perpetrators to gain entry via backdoors to large organizations. However, startups remain prudent in their cyber security spending as their north star is revenue generation by delivering their services and minimum viable product (MVP) to their customers. This study proposes an enhanced Return on Security Investment (ROSI) which helps technology startups calculate the return on security investment and justify their budget of cyber security spending. Though there are existing models to calculate the return of investments allocated to cyber security expenditure, they are rather complex and do not give management clarity in terms of the monetary value for cyber security spending. Furthermore, the existing models do not cater to the dynamics and nuances of technology startups. The enhanced model also provides technology startups the ability to appropriately adjust their cyber security investments based on the calculations of the Minimum (Min) and Maximum (Max) ROSI values. The proposed and enhanced ROSI model has been validated by 5 cyber security experts who agreed on the importance and necessity of the model to be applied to technology startups. The results of the case study on a FinTech startup enable the calculation of the Min and Max ROSI to justify the return on security investments and provide the startup with the ability to adjust the cyber security spending accordingly.
|
| format | Article |
| id | doaj-art-e9adfa0bd2954e7abe1528b54f5fbcf4 |
| institution | DOAJ |
| issn | 2078-8665 2411-7986 |
| language | English |
| publishDate | 2024-07-01 |
| publisher | University of Baghdad, College of Science for Women |
| record_format | Article |
| series | مجلة بغداد للعلوم |
| spelling | doaj-art-e9adfa0bd2954e7abe1528b54f5fbcf42025-08-20T03:19:11ZengUniversity of Baghdad, College of Science for Womenمجلة بغداد للعلوم2078-86652411-79862024-07-0121710.21123/bsj.2023.9077Quantifying the Return of Security Investments for Technology StartupsMohamed Noordin Yusuff Marican0https://orcid.org/0000-0002-0040-3745Siti Hajar Othman1https://orcid.org/0000-0002-0205-4948Ali Selamat2Shukor Abd Razak3https://orcid.org/0000-0002-8824-6069Faculty of Computing, Universiti Teknologi Malaysia, Johor Bahru, Malaysia.Malaysia-Japan Institute of Technology, Universiti Teknologi Malaysia, Johor Bahru, Malaysia.Faculty of Computing, Universiti Teknologi Malaysia, Johor Bahru, Malaysia & Malaysia-Japan Institute of Technology, Universiti Teknologi Malaysia, Johor Bahru, Malaysia & MaGICX-Media and Game Innovation Centre of Excellence, Universiti Teknologi Malaysia, Johor Bahru, Malaysia & Faculty of Informatics and Management, University of Hradec Kralove, Hradec Kralove, Czech Republic.Faculty of Informatics and Computing, Universiti Sultan Zainal Abidin, Kuala Terengganu, Malaysia. Technology startups are critical to the advancement of digital initiatives in many countries undergoing smart nation agenda. Technology startups are thus vendors and suppliers of services to large organizations such as the government sector, multi-national corporations and financial institutions. As such, startups are fast becoming attack vectors for malicious perpetrators to gain entry via backdoors to large organizations. However, startups remain prudent in their cyber security spending as their north star is revenue generation by delivering their services and minimum viable product (MVP) to their customers. This study proposes an enhanced Return on Security Investment (ROSI) which helps technology startups calculate the return on security investment and justify their budget of cyber security spending. Though there are existing models to calculate the return of investments allocated to cyber security expenditure, they are rather complex and do not give management clarity in terms of the monetary value for cyber security spending. Furthermore, the existing models do not cater to the dynamics and nuances of technology startups. The enhanced model also provides technology startups the ability to appropriately adjust their cyber security investments based on the calculations of the Minimum (Min) and Maximum (Max) ROSI values. The proposed and enhanced ROSI model has been validated by 5 cyber security experts who agreed on the importance and necessity of the model to be applied to technology startups. The results of the case study on a FinTech startup enable the calculation of the Min and Max ROSI to justify the return on security investments and provide the startup with the ability to adjust the cyber security spending accordingly. https://bsj.uobaghdad.edu.iq/index.php/BSJ/article/view/9077Cyber Security Maturity Level, Cyber Security Quantification, Return of Security Investment, ROSI, Technology Startup |
| spellingShingle | Mohamed Noordin Yusuff Marican Siti Hajar Othman Ali Selamat Shukor Abd Razak Quantifying the Return of Security Investments for Technology Startups مجلة بغداد للعلوم Cyber Security Maturity Level, Cyber Security Quantification, Return of Security Investment, ROSI, Technology Startup |
| title | Quantifying the Return of Security Investments for Technology Startups |
| title_full | Quantifying the Return of Security Investments for Technology Startups |
| title_fullStr | Quantifying the Return of Security Investments for Technology Startups |
| title_full_unstemmed | Quantifying the Return of Security Investments for Technology Startups |
| title_short | Quantifying the Return of Security Investments for Technology Startups |
| title_sort | quantifying the return of security investments for technology startups |
| topic | Cyber Security Maturity Level, Cyber Security Quantification, Return of Security Investment, ROSI, Technology Startup |
| url | https://bsj.uobaghdad.edu.iq/index.php/BSJ/article/view/9077 |
| work_keys_str_mv | AT mohamednoordinyusuffmarican quantifyingthereturnofsecurityinvestmentsfortechnologystartups AT sitihajarothman quantifyingthereturnofsecurityinvestmentsfortechnologystartups AT aliselamat quantifyingthereturnofsecurityinvestmentsfortechnologystartups AT shukorabdrazak quantifyingthereturnofsecurityinvestmentsfortechnologystartups |