Cyber Security Metrics Evaluation Using Multi-criteria Decision-Making Approach

Cyberspace is the trust-worthy environment in which message transmission over computer networks occurs. Cyber security aims to protect the information and other resources from malicious users, external or internal within the organization. Metrics is a general name that used to the set of measures that describe a suitable applications. The aim of security metrics is to make certain business and minimize business damage by preventing or lowering the impact of cyber incidents. A metric can be developed to measure cyber security trust-worthiness of a company. The measurement of security metrics can be viewed as multiple-criteria decision-making problem (MCDM). In the present paper we are comparing two MCDM approaches: AHP and Electre III to evaluate cyber security metrics.