Intelligence in security countermeasures selection

Identifying security risks in organizations and also determining their severity in order to select appropriate security countermeasures is of great importance in organizations. In the last two decades, a lot of work has been done to increase the accuracy of risk impact calculation as well as the right selection of countermeasures. Also, a variety of work has been proposed to select combined countermeasures instead of single ones. So there is a challenge to balance the cost of security with the improvement of the defense system. In this paper, a dataset that includes the organization business processes, security data, assets, vulnerabilities, and related security countermeasures is suggested for the first time. In the previous work, this chain of information from the content of the organization, which is definitely different from another organization, has not been considered for the analysis of the performance of countermeasures (success or failure). Based on the results of the countermeasures during the organization’s lifetime, more efficient countermeasures can be suggested for new or existing risks. Therefore, by intelligently selecting the security countermeasures presented in this paper, organizations will be able to identify ineffective countermeasures and prevent them from being re-selected to counter attackers. In this way, we can make our organization more resilient to attackers over time.