%0 Journal Article %J Technology Innovation Management Review %D 2013 %T On the Road to Holistic Decision Making in Adaptive Security %A Mahsa Emami-Taba %A Mehdi Amoui %A Ladan Tahvildari %K adaptive security %K architecture %K automation %K cyberattacks %K cybersecurity %K game theory %K holistic decision making %K self-adaptive software %K self-protecting software %X Security is a critical concern in today's software systems. Besides the interconnectivity and dynamic nature of network systems, the increasing complexity in modern software systems amplifies the complexity of IT security. This fact leaves attackers one step ahead in exploiting vulnerabilities and introducing new cyberattacks. The demand for new methodologies in addressing cybersecurity is emphasized by both private and national corporations. A practical solution to dynamically manage the high complexity of IT security is adaptive security, which facilitates analysis of the system's behaviour and hence the prevention of malicious attacks in complex systems. Systems that feature adaptive security detect and mitigate security threats at runtime with little or no administrator involvement. In these systems, decisions at runtime are balanced according to quality and performance goals. This article describes the necessity of holistic decision making in such systems and paves the road to future research. %B Technology Innovation Management Review %I Talent First Network %C Ottawa %V 3 %P 59-64 %8 08/2013 %G eng %U http://timreview.ca/article/717 %N 8 %1 University of Waterloo Mahsa Emami-Taba received her BEng degree in Computer Engineering from Shahid Beheshty University, Iran, in 2005. She received her MMath degree in Computer Science from the University of Waterloo, Canada, in 2009. After completing her studies, she worked as a software designer and developer. She is currently working toward a PhD degree in the Department of Electrical and Computer Engineering at the University of Waterloo. Her research interests include self-adaptive software systems, adaptive security, and nature-inspired adaptive software. %2 University of Waterloo Mehdi Amoui is a Postdoctoral Fellow at the University of Waterloo, Canada. He currently works as a researcher/consultant on a joint research project with the Software Verification and Validation team at Blackberry Inc., Canada. In 2002, he received his PhD from the University of Waterloo on the topic of an evolving software system for self-adaptation, and in 2006, he received an MASc degree in Artificial Intelligence and Robotics from the University of Tehran. His main research interests include self-adaptive software systems, search-based software engineering, software evolution, and software quality. %3 University of Waterloo Ladan Tahvildari is an Associate Professor in the Department of Electrical and Computer Engineering at the University of Waterloo, Canada, and she is the founder of the Software Technologies Applied Research (STAR) Laboratory. Together with her research team, she investigates methods, models, architectures, and techniques to develop higher-quality software systems in a cost-effective manner. Her research accomplishments have been recognized by various awards, including the prestigious Ontario Early Researcher Award, which recognized her work in self-adaptive software. She is a Senior Member of the IEEE, a member of the ACM, and a Professional Engineer (PEng). %R http://doi.org/10.22215/timreview/717