A Fuzzy Multi-Criteria Decision Framework for Selecting Cybersecurity Platforms Under Strategic PESTEL Factors

The growth of advanced cyber threats has inspired organisations to start using powerful cybersecurity platforms, but the process of selection is analytically challenging due to the multidimensional, uncertain, and conflicting character of the evaluation criteria. The prevailing culture of decision-support frameworks is based on unyielding numerical evaluations that cannot reflect the underlying vagueness of expert judgment and the dynamic interplay of macro-environmental factors. This paper presents a combined Fuzzy Multi-Criteria Decision-Making (FMCDM) system, which uses polygonal fuzzy numbers, in particular pentagonal fuzzy representation, and four other complementary methods of MCDM (Fuzzy AHP, Fuzzy TOPSIS, Fuzzy VIKOR, and Fuzzy COPRAS), integrated by a Borda Count consensus system. Sixteen assessment sub-criteria are logically obtained through an analysis of PESTEL (Political, Economic, Social, Technological, Environmental, and Legal) and weighted using the Fuzzy Analytic Hierarchy Process. The model is used to compare six cybersecurity platforms, including Microsoft Security Framework, CrowdStrike Falcon, Cisco Cybersecurity Portfolio, Palo Alto Networks Cortex, Fortinet Security Fabric, and Sophos Central. In this study, Fuzzy AHP demonstrates that the aggregate weight of political factors is the highest (0.4181), followed by cross-border data management, regulatory compliance, and government incentives as the most popular sub-criteria. According to the results from the Fuzzy TOPSIS, Fuzzy VIKOR, and Fuzzy COPRAS methods, Microsoft Security Framework ranks consistently in the first place, and CrowdStrike Falcon and Cisco Cybersecurity Portfolio were ranked second and third, respectively. The framework presented in the study provides decision-makers with a reproducible, uncertainty-conscious basis for cybersecurity platform selection.