By Charles Iheagwara, PhD, SDM ’10
The challenge: Cybersecurity is a growing industry, with a market expected to expand to about $120.1 billion by 2017. The proliferation of product offerings provides companies with a wide range of security options but makes it increasingly difficult to assess which product best suits specific intrusion prevention needs.
Users therefore need a method for:
- Acquiring insight into the inherent characteristics and modes of operation for a wide variety of cybersecurity products;
- Eliminating the pain points associated with choosing the wrong products;
- Preventing the disastrous consequences of failing to detect and prevent intrusions; and ultimately
- Meeting the intrusion prevention goals unique to their specific enterprises.
The approach: An SaaS application/tool has been developed to allow users of intrusion prevention products to customize a business case analysis for any deployment and target environment or market. The patent-pending tool (IntrusionPoint™) accepts a wide range of market data, technical parameters, and business/financial and service planning inputs that users can tailor to their own deployment plans. It simulates a network deployment and operations using a variety of technical, environmental, and service plans and produces a detailed analytical report, analytics output graphs, and key technical, deployment and implementation metrics.
The tools: The systems thinking mindset central to MIT’s System Design & Management (SDM) program, as well as several systems engineering tools commonly taught in SDM were employed to develop the application. The process included:
- defining and designing a systems architecture to encapsulate the different modular system subcomponents;
- conducting a systems dynamics analysis of the various factors that could affect the system in either a positive or negative direction;
- developing an information flow schema;
- developing an algorithm that performs mathematical computation using the system input data to produce a set of desirable system output in the form of decision-making intelligence reports, analytics, and visual charts;
- developing the system analytics and visualization subsystems; and
- developing a web portal.
The results: The IntrusionPoint application performs artificial intelligence decision-making analysis of enterprise intrusion prevention solutions, providing a computer-implemented method for evaluating the suitability of cybersecurity products for any particular user.
The method accomplishes the following tasks:
- obtaining weights representing the relative importance of a plurality of attributes related to intrusion protection systems;
- obtaining a plurality of attribute scores for each of the plurality of attributes related to intrusion protection systems; and
- calculating a weighted sum of the plurality of attribute scores based on the weights.
The tool’s logical design construct and implementation provides a variety of analytics and visualizations from which end users, product developers, and vendors can gain insight into the pros and cons of each solution and thus make informed decisions related to purchases, product enhancements, and other cybersecurity tasks.
These charts represent a sampling of the analytics generated by the IntrusionPoint tool that enable customers to visualize the technical performance of various cybersecurity products.
About the Author
Charles Iheagwara, PhD, is a customer solutions advocate and security solutions consultant at Cisco, Inc. Previously, he served as managing director at Unatek Inc. and as a consultant in various capacities at Grant Thornton, KPMG, Lockheed Martin, and Edgar Online. He holds a PhD from the University of Glamorgan in the United Kingdom and, as an SDM alumnus, an MS in engineering and management from MIT. He also earned an MS in mineral engineering from the University of Minnesota and a BS and MS in metallurgical engineering from Russia’s Moscow Institute for Steel and Alloys. Dr. Iheagwara has published widely and is a frequent speaker at industry events.