In the field of cyber security, investment decision making is hard. Because decision making is impacted by dymanic limitations (feedback, time delay, accumulation effects). Dynamic limitations arise from attacker-defender interactions and the response of the resilient organisation.
By using specific algorithm building techniques (following system dynamic methodology) we were able to replicate the observed behaviour of organisational defence strategies across different domains (threat actor, security function, business operations and finance) and simulate the future effects of indented decisions. We ran these quantified simulations in the field of malware, detection engines roll-out and usage, DDoS, secure software development and insider threat.