Prioritizing Cybersecurity Management Guidelines using Analytical Hierarchy Process (AHP) Decision Technique

Abstract

Decision theory is a set of concepts, principles, tools, and techniques that help decision-makers deal with complex and uncertain decision-making problems. The theory of decisions provides a systematic basis for making reasonable choices in a situation of uncertainty. This research implements an Analytical Hierarchy Process (AHP) decision technique in determining the effectiveness of choices in making a decision. The proposed systematic approach also discusses detailed guidelines using Analytical Hierarchy Process (AHP) techniques to help organizations conduct risk assessment effectively by prioritizing the proposed cybersecurity management guideline. A survey has been conducted by interviewing cybersecurity experts to get feedback on the proposed cybersecurity management guideline. The proposed cybersecurity management guideline uses the AHP decision technique to perform selection and prioritization in reducing the decision bias. In managing cybersecurity threats, this study proposed three criteria categories: human resource, logistical, and technical aspects. This criterion is a mechanism for university policymakers in managing university networks. The research study is continued with a discussion on the use of AHP decision tools to malware, network intrusion, and web intrusion management guideline. The use of AHP as a decision tool can help to reduce decision bias, ensure that every opinion is heard, and actively build consensus among decision-makers in solving problems. Collaborative decisions with multiple people can produce better results with strong commitment from decision-makers.