Identification and prioritization of the challenges faced by vendor organizations in the shape of cyber security: A FUZZY-AHP -based systematic approach
IF 1.7 4区 计算机科学Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING
Abdul Wahid Khan, Shah Zaib, Meshari D. Alanazi, Shabana Habib
{"title":"Identification and prioritization of the challenges faced by vendor organizations in the shape of cyber security: A FUZZY-AHP -based systematic approach","authors":"Abdul Wahid Khan, Shah Zaib, Meshari D. Alanazi, Shabana Habib","doi":"10.1002/smr.2717","DOIUrl":null,"url":null,"abstract":"<p>The goal of this research study was to identify and prioritize the significant cybersecurity challenges that vendor firms encounter during software development. Using Systematic Literature Reviews (SLRs), 13 significant challenges were found, including “Security issues/Access of Cyberattacks”, “Lack of Right Knowledge”, “Cost Security Issues”, and “Lack of Confidentiality and Trust” among others. To address these concerns, a multifaceted strategy that prioritizes continuing education, training, and investment in cybersecurity measures, as well as cross-industry cooperation and coordination with government entities, is required. These challenges were ranked using the Fuzzy Analytic Hierarchy Process (F-AHP). We obtained the following results after applying the Fuzzy Analytic Hierarchy Process: CSC1 (Cyber Security Challenge-1) “Security Issues/Access of Cyber Attacks”, CSC2 “Lack of Right Knowledge”, and CSC3 “Framework” are the top most critical cyber security challenges, with weightages of 0.1687, 0.1672, and 0.1194, respectively. This study lays the groundwork for future research and assists vendor organizations in addressing the cybersecurity concerns they face during software development. The study also emphasizes the significance of addressing cybersecurity during the software development process in order to avoid the financial and reputational losses associated with cyber intrusions.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"36 12","pages":""},"PeriodicalIF":1.7000,"publicationDate":"2024-08-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Software-Evolution and Process","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/smr.2717","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}
引用次数: 0
Abstract
The goal of this research study was to identify and prioritize the significant cybersecurity challenges that vendor firms encounter during software development. Using Systematic Literature Reviews (SLRs), 13 significant challenges were found, including “Security issues/Access of Cyberattacks”, “Lack of Right Knowledge”, “Cost Security Issues”, and “Lack of Confidentiality and Trust” among others. To address these concerns, a multifaceted strategy that prioritizes continuing education, training, and investment in cybersecurity measures, as well as cross-industry cooperation and coordination with government entities, is required. These challenges were ranked using the Fuzzy Analytic Hierarchy Process (F-AHP). We obtained the following results after applying the Fuzzy Analytic Hierarchy Process: CSC1 (Cyber Security Challenge-1) “Security Issues/Access of Cyber Attacks”, CSC2 “Lack of Right Knowledge”, and CSC3 “Framework” are the top most critical cyber security challenges, with weightages of 0.1687, 0.1672, and 0.1194, respectively. This study lays the groundwork for future research and assists vendor organizations in addressing the cybersecurity concerns they face during software development. The study also emphasizes the significance of addressing cybersecurity during the software development process in order to avoid the financial and reputational losses associated with cyber intrusions.