Quantitative Model for Economic Analyses of Information Security Investment in an Enterprise Information System

Author:

Bojanc Rok, Jerman-Blažič Borka

Abstract

The paper presents a mathematical model for the optimal security-technology investment evaluation and decision-making processes based on the quantitative analysis of security risks and digital asset assessments in an enterprise. The model makes use of the quantitative analysis of different security measures that counteract individual risks by identifying the information system processes in an enterprise and the potential threats. The model comprises the target security levels for all identified business processes and the probability of a security accident together with the possible loss the enterprise may suffer. The selection of security technology is based on the efficiency of selected security measures. Economic metrics are applied for the efficiency assessment and comparative analysis of different protection technologies. Unlike the existing models for evaluation of the security investment, the proposed model allows direct comparison and quantitative assessment of different security measures. The model allows deep analyses and computations providing quantitative assessments of different options for investments, which translate into recommendations facilitating the selection of the best solution and the decision-making thereof. The model was tested using empirical examples with data from a real business environment.

Publisher

Walter de Gruyter GmbH

Subject

Marketing, Organizational Behavior and Human Resource Management, Strategy and Management, Tourism, Leisure and Hospitality Management, Business and International Management, Management Information Systems


Cited by 15 articles.