Content area
Abstract: This paper introduces a novel Interest Rate Calculation Model for cyber security risk quantification, addressing the challenges of cyber security debt management. The Interest Rate Calculation Model fills this void by offering a tangible financial measure of cyber risk accumulation, 2. According to Bederna and Szadeczky (2023) organisations can optimise their cyber security investments by adopting a risk-based approach that minimises costs while ensuring proportionate protection aligned with business value at risk. Existing cyber security risk frameworks such as Factor Analysis of Information Risk (FAIR) (The FAIR Institute, n.d), International Organization for Standardization / International Electrotechnical Commission (ISO/IEC) 27005 (ISO/IEC 27005, 2022), and National Institute of Standards and Technology (NIST) (NIST, 2018) provide structured methodologies for risk assessment but lack real-time financial quantification.
Details
1 "University of the Western Cape, Cape Town, South Africa
2 University of the Western Cape, Cape Town, South Africa