DEA-Analysis Of The Effectiveness Of The Country’s Information Security System

Abstract

The consequences of the fourth industrial revolution caused an increase in the level of computerization and digitalization of society, which led to problems related to the protection of information of individual users, companies and the state as a whole. The aim of this paper is to analyze the effectiveness of the information security system of countries in terms of its ability to counter information threats. Two groups of input indicators were used for this purpose. The first group was formed by 12 indicators of the country’s world development, which were selected from the World Bank database and based on the results of correlation analysis. The second group includes 5 information technology indicators that characterize certain areas of information security: information technology development, digitalization of the country, countries’ commitment to cybersecurity, readiness to counter cyber threats and use the latest information and communication technologies. The country’s information security threat index is used as a starting point. Data from 159 countries of the world for 2018 were taken for the analysis, as for this number of countries and period there is a complete set of data on selected indicators. Country data were considered based on clusters, which allowed the use of 7 groups. The analysis was performed using the analytical tool Frontier Analyst. The study built CRR and BCC models, among which CRR was preferred, which allowed a more critical assessment of the potential of countries. The paper analyzes the structural effectiveness of socio-economic development indicators and information security indicators of countries, considering the current level of the information security threat index. As a result, the following were identified: an increase in government security spending for zero-cluster countries; the need to transform the information technology component for the countries of the first and second clusters; increasing personal protection, strengthening corruption control and legal regulation for third cluster countries; the need for economic growth and higher social standards for the fourth, fifth and sixth clusters. The obtained models allowed us to estimate the maximum level of growth of the information security threat index with the available resource potential of the country. As a result, it was found that the largest increase in the information security threat index is possible due to the existing potential of the countries of the zero and fifth clusters, which will increase the effectiveness of their response to information threats. Keywords: BBC-model, CCR-model, Data Envelopment Analysis, socio-economic development, information, threat, security.