The internet and local area networks, which are growing rapidly, have witnessed an increase in malicious threats. Therefore, the deployment of security tools is necessary for protecting organisations from external attacks on their information systems, preventing information losses and ensuring secure communication. To this end, the primary objective of this paper is to propose an enhanced methodology for supporting the decision maker in selecting the appropriate security tools for information systems in organisations. First, we construct a security criteria hierarchy as the decision criteria. Then, based on the criteria, we compute the competitiveness score of each security tool and the relative weights among different types of security tools utilising an analytic hierarchy process (AHP). Finally, in order to incorporate a trade-off between all the competitiveness aspects associated with the security tools and costs, we employ a prioritising/weighting mixed integer goal programming (GP) model, or a combination of mixed integer GP and a weighted-sum model, to determine the optimal solutions for the security tools.
Keywords: security system, security tools, multi-objective, optimisation, security criteria, goal programming, GP, analytic hierarchy process, AHP, multiple criteria decision-making, MCDM, weighted-sum, security management
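The pipeline the abstract outlines (AHP weights, competitiveness scores, then a weighted goal trade-off against cost) can be sketched as follows. This is an added example, not the paper's model: it enumerates one tool per type instead of solving a mixed integer program. The criteria, judgements, tool names, ratings, costs and goals are all constructed for illustration.

```python
from itertools import product

RI = {1: 0.0, 2: 0.0, 3: 0.58, 4: 0.90, 5: 1.12}  # Saaty's random consistency index

def ahp_weights(m, iters=200):
    """Priority vector (power iteration) and consistency ratio of a pairwise matrix."""
    n = len(m)
    w = [1.0 / n] * n
    for _ in range(iters):
        v = [sum(m[i][j] * w[j] for j in range(n)) for i in range(n)]
        w = [x / sum(v) for x in v]
    lam = sum(sum(m[i][j] * w[j] for j in range(n)) / w[i] for i in range(n)) / n
    ci = (lam - n) / (n - 1) if n > 1 else 0.0
    return w, (ci / RI[n] if RI[n] else 0.0)

# Constructed pairwise judgements over three hypothetical criteria
# (effectiveness, manageability, performance) and two tool types.
CRITERIA = [[1, 3, 5], [1 / 3, 1, 2], [1 / 5, 1 / 2, 1]]
TYPES = [[1, 2], [1 / 2, 1]]  # firewall judged twice as important as IDS
# Constructed candidates: (name, rating per criterion in 0..1, cost)
TOOLS = {
    "firewall": [("fw_a", [0.9, 0.6, 0.7], 50), ("fw_b", [0.7, 0.8, 0.8], 30)],
    "ids": [("ids_a", [0.8, 0.5, 0.6], 40), ("ids_b", [0.6, 0.7, 0.9], 20)],
}

def select(p_score, p_cost, score_goal=0.80, budget=60):
    """Pick one tool per type minimising weighted deviation from both goals."""
    cw, cr = ahp_weights(CRITERIA)
    if cr >= 0.10:  # usual AHP rule: revisit judgements that are too inconsistent
        raise ValueError("pairwise judgements are inconsistent")
    tw, _ = ahp_weights(TYPES)
    best = None
    for combo in product(*TOOLS.values()):
        # Competitiveness: type weight times criteria-weighted rating of each tool
        score = sum(t * sum(c * r for c, r in zip(cw, ratings))
                    for t, (_, ratings, _) in zip(tw, combo))
        cost = sum(c for _, _, c in combo)
        # Goal deviations: shortfall below the score goal, overrun above the budget
        dev = (p_score * max(0.0, score_goal - score) / score_goal
               + p_cost * max(0.0, cost - budget) / budget)
        if best is None or dev < best[0]:
            best = (dev, [name for name, _, _ in combo], cost)
    return best[1], best[2]

if __name__ == "__main__":
    print(select(0.5, 0.5))  # cost and score weighted equally
    print(select(0.9, 0.1))  # score goal prioritised over budget
```

Changing the two goal weights shifts the selection between the cheaper and the higher-scoring combination, which is the trade-off the GP stage is meant to expose to the decision maker.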