Analyzing Risks to Determine a New Return on Security Investment: Optimizing Security in an Escalating Threat Environment

Warren Axelrod (United States Trust Company, N.A.)
Copyright: © 2007 | Pages: 25
DOI: 10.4018/978-1-59904-171-1.ch001

Abstract

This chapter expands upon standard methods of calculating the return on security investment (ROSI) in several ways. First, it accounts for the dynamic nature of threats, vulnerabilities, and defenses as they apply to the finance sector. Second, it takes a more holistic view of security investments using a portfolio method. The protection of information assets can be viewed in two ways. One is the hierarchical view of security measures, such as avoidance, deterrence, and prevention. The other is defense in depth, wherein various security tools and processes, such as firewalls, identity and access management, and intrusion detection and prevention products, are combined for greater overall protection. The reader will gain a deeper understanding of the factors that affect the risks and returns of investments in security measures, tools, and processes and will find that using the portfolio approach leads to more cost-effective security.

Complete Chapter List

Table of Contents
Foreword
Sherwood Boehlert
Chapter 1: Analyzing Risks to Determine a New Return on Security Investment: Optimizing Security in an Escalating Threat Environment
Warren Axelrod
This chapter expands upon standard methods of calculating the return on security investment (ROSI) in several ways. First, it accounts for the...
Chapter 2: Risk Management in Banking: A Review of Principles and Strategies
Göran Bergendahl, Ted Lindblom
Banks play an important role in the financial system contributing to efficient and well functioning transfers of capital and risk between those in...
Chapter 3: Developing Information Assurance Alignment in Financial Services
Jean-Noël Ezingeard, Elspeth McFadzean, David Birchall
A number of recent high-profile organizational failures have been compounded by the inadequacy of the data, information, and intelligence available...
Chapter 4: Information Security in Banking
Kevin Streff
The banking sector is identified as a critical infrastructure by the federal government. In this chapter, the author provides an overview of...
Chapter 5: Security Risk Management Strategy of Financial Services Institutions
Guoling Lao, Liping Wang
This chapter is about a new security risk management strategy for financial services institutions. The proper strategy presented here takes the...
Chapter 6: New Technologies in E-Banking: Convenient and Trustworthy?
Niels Jørgensen
In e-banking, user authentication with mobile phones and special-purpose cryptographic tokens is a promising alternative to conventional approaches...
Chapter 7: Stronger Authentication: Responding to the Crisis of Confidence
Alvin Y.C. Yeo
Authentication is a prime challenge for banks today as end users’ digital identities are being compromised through increasingly sophisticated means....
Chapter 8: Smart Cards for Security and Assurance
Konstantinos Markantonakis, Keith Mayes
When designing and implementing a system that handles sensitive or valuable information, there can be few discussions that do not include some...
Chapter 9: Unified Identities in Complex Financial Organizations
Peter Orondo
In this chapter, we make the case for a unified approach to managing identities in a complex enterprise in the financial services sector. We discuss...
Chapter 10: Identity and Access Management
Nick Pullman, Kevin Streff
This chapter discusses the role of identity and access management in the financial services industry. Identity and access management is a very broad...
Chapter 11: Swallowing the Bait, Hook, Line, and Sinker: Phishing, Pharming, and Now Rat-ing!
Sylvia Kierkegaard
Phishing and pharming continue to plague many financial institutions and electronic commerce (e-commerce) Web sites. Security experts estimate...
Chapter 12: The Evolution of Fraud Intelligence
David Porter
This chapter discusses the latest innovations in fraud detection, with a particular focus on insider fraud and organized fraud. It argues that as...
Chapter 13: Managing Information Assurance in Subscription-Based Financial Services
Victoria Ungureanu
This chapter reviews the main types of access control mechanisms that can be used to govern subscription-based financial services. The overall...
Chapter 14: Information Disclosure and Regulatory Compliance: Economic Issues
Anindya Ghose
The Sarbanes-Oxley Act (SOX) introduced significant changes to financial practice and corporate governance regulation, including stringent new rules...
About the Contributors