Identification and prioritization of the challenges faced by vendor organizations in the shape of cyber security: A FUZZY-AHP -based systematic approach

IF 1.7 4区 计算机科学 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING
Abdul Wahid Khan, Shah Zaib, Meshari D. Alanazi, Shabana Habib
{"title":"Identification and prioritization of the challenges faced by vendor organizations in the shape of cyber security: A FUZZY-AHP -based systematic approach","authors":"Abdul Wahid Khan,&nbsp;Shah Zaib,&nbsp;Meshari D. Alanazi,&nbsp;Shabana Habib","doi":"10.1002/smr.2717","DOIUrl":null,"url":null,"abstract":"<p>The goal of this research study was to identify and prioritize the significant cybersecurity challenges that vendor firms encounter during software development. Using Systematic Literature Reviews (SLRs), 13 significant challenges were found, including “Security issues/Access of Cyberattacks”, “Lack of Right Knowledge”, “Cost Security Issues”, and “Lack of Confidentiality and Trust” among others. To address these concerns, a multifaceted strategy that prioritizes continuing education, training, and investment in cybersecurity measures, as well as cross-industry cooperation and coordination with government entities, is required. These challenges were ranked using the Fuzzy Analytic Hierarchy Process (F-AHP). We obtained the following results after applying the Fuzzy Analytic Hierarchy Process: CSC1 (Cyber Security Challenge-1) “Security Issues/Access of Cyber Attacks”, CSC2 “Lack of Right Knowledge”, and CSC3 “Framework” are the top most critical cyber security challenges, with weightages of 0.1687, 0.1672, and 0.1194, respectively. This study lays the groundwork for future research and assists vendor organizations in addressing the cybersecurity concerns they face during software development. The study also emphasizes the significance of addressing cybersecurity during the software development process in order to avoid the financial and reputational losses associated with cyber intrusions.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"36 12","pages":""},"PeriodicalIF":1.7000,"publicationDate":"2024-08-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Software-Evolution and Process","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/smr.2717","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}
引用次数: 0

Abstract

The goal of this research study was to identify and prioritize the significant cybersecurity challenges that vendor firms encounter during software development. Using Systematic Literature Reviews (SLRs), 13 significant challenges were found, including “Security issues/Access of Cyberattacks”, “Lack of Right Knowledge”, “Cost Security Issues”, and “Lack of Confidentiality and Trust” among others. To address these concerns, a multifaceted strategy that prioritizes continuing education, training, and investment in cybersecurity measures, as well as cross-industry cooperation and coordination with government entities, is required. These challenges were ranked using the Fuzzy Analytic Hierarchy Process (F-AHP). We obtained the following results after applying the Fuzzy Analytic Hierarchy Process: CSC1 (Cyber Security Challenge-1) “Security Issues/Access of Cyber Attacks”, CSC2 “Lack of Right Knowledge”, and CSC3 “Framework” are the top most critical cyber security challenges, with weightages of 0.1687, 0.1672, and 0.1194, respectively. This study lays the groundwork for future research and assists vendor organizations in addressing the cybersecurity concerns they face during software development. The study also emphasizes the significance of addressing cybersecurity during the software development process in order to avoid the financial and reputational losses associated with cyber intrusions.

Abstract Image

确定供应商组织在网络安全方面面临的挑战并排定优先次序:基于 FUZZY-AHP 的系统方法
本研究的目标是确定供应商公司在软件开发过程中遇到的重大网络安全挑战,并对其进行优先排序。通过系统文献回顾(SLR),我们发现了 13 项重大挑战,包括 "安全问题/网络攻击的获取"、"缺乏正确的知识"、"成本安全问题 "和 "缺乏保密性和信任 "等。要解决这些问题,需要采取多方面的战略,优先考虑继续教育、培训和网络安全措施投资,以及跨行业合作和与政府实体的协调。我们采用模糊层次分析法(F-AHP)对这些挑战进行了排序。应用模糊分析层次过程后,我们得出了以下结果:CSC1(网络安全挑战-1)"安全问题/网络攻击的获取"、CSC2 "缺乏正确的知识 "和 CSC3 "框架 "是最关键的网络安全挑战,权重分别为 0.1687、0.1672 和 0.1194。本研究为今后的研究奠定了基础,有助于供应商组织解决在软件开发过程中面临的网络安全问题。本研究还强调了在软件开发过程中解决网络安全问题的重要性,以避免网络入侵带来的经济和声誉损失。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Journal of Software-Evolution and Process
Journal of Software-Evolution and Process COMPUTER SCIENCE, SOFTWARE ENGINEERING-
自引率
10.00%
发文量
109
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信