Identifying and Quantifying Trade-offs in Multi-Stakeholder Risk Evaluation with Applications to the Data Protection Impact Assessment of the GDPR

TL;DR

This paper presents a quantitative, semi-automated method for identifying optimal trade-offs among stakeholders in cybersecurity risk management, demonstrated through GDPR data protection impact assessments.

Contribution

It introduces a Pareto optimality-based approach to balance conflicting stakeholder risk perceptions and provides a prototype tool for practical GDPR compliance scenarios.

Findings

Prototype tool effectively assists in GDPR data protection impact assessments

Approach scales well with increasing problem complexity

Encouraging experimental results validate the method's practicality

Abstract

Cybersecurity risk management consists of several steps including the selection of appropriate controls to minimize risks. This is a difficult task that requires to search through all possible subsets of a set of available controls and identify those that minimize the risks of all stakeholders. Since stakeholders may have different perceptions of the risks (especially when considering the impact of threats), conflicting goals may arise that require to find the best possible trade-offs among the various needs. In this work, we propose a quantitative and (semi)automated approach to solve this problem based on the well-known notion of Pareto optimality. For validation, we show how a prototype tool based on our approach can assist in the Data Protection Impact Assessment mandated by the General Data Protection Regulation on a simplified but realistic use case scenario. We also evaluate the scalability of the approach by conducting an experimental evaluation with the prototype with encouraging results.