i-HOPE Framework for Predicting Cyber Breaches: A Logit Approach

In light of the recent surge in cyber security breaches globally, Information Security Management Systems (ISMS) for organizations is of utmost importance. In this paper, we used the CSI-FBI survey questionnaires from 1997 to 2010 and ISO/IEC27001 standard to propose an i-HOPE framework to predict the likelihood of a cyber breach. Generalized Linear Model i.e. Log it approach and CSI-FBI questionnaire data was used to compute and validate our proposed model. Using our i-HOPE framework we conclude that (i) specific security technologies (Firewalls, IDSs, Biometrics, firewalls), can deter only specific types of attacks (ii) reporting of cyber breaches to law enforcing bodies does not deter cyber attacks (iii) increase in percentage of (a) IT budget allocated to security and (b) outsourcing of IT security function decreases the likelihood of an attack.