TITLE:
Prioritizing Defense in Depth Measures Using Artificial Intelligence (AI) and the Expected Utility Hypothesis
AUTHORS:
Rodney Alexander
KEYWORDS:
Artificial Intelligence (AI), Expected Utility Hypothesis (EUH), Information Assurance, Defense in Depth, Information Technology, Network Security, Cybersecurity
JOURNAL NAME:
Journal of Information Security,
Vol.16 No.2,
March
31,
2025
ABSTRACT: The purpose of this research was to determine whether Artificial Intelligence (AI) and the Expected Utility Hypothesis can be effectively applied to the prioritization of defense in-depth security tools and procedures to reduce cyber threats. The way this was determined, or methods used in this study consisted of using AI (Microsoft CoPilot) to rank the current top 10 cybersecurity threats and the cybersecurity defense in depth utilities that are designed to reduce those threats. The methods further involved using the Likert Scale Model to create an ordinal ranking of the cybersecurity threats. The defense in depth utilities and procedures were then compared to see whether AI (CoPilot), the Likert scale and the Expected Utility Hypothesis could be effectively applied to prioritize and combine the measures to reduce cyber threats. The results of this research reject the H0 null hypothesis that AI and the Expected Utility Hypothesis does not affect the relationship between prioritization and combining of defense in depth utilities and procedures (independent variables) and related cyber threats (dependent variables).