Information Technology Security as Scored by Management Budget

Information Technology Security as Scored by Management Budget

Tiina K. O. Rodrigue (The George Washington University, USA)
DOI: 10.4018/978-1-5225-5829-3.ch012

Abstract

In information technology security as scored by management budget, the author examines information technology (IT) security in the context of organizational management, business, complexity leadership theories, and current IT security scholarship. Based on well-known organizational power and politics theory as well as accounting, budget, and management literature, the chapter examines what is known about the impact of power and politics on IT security and the importance of budgetary gamesmanship as illustrated by understanding that the budget as a game, the politics of allocation within an organization, the influence of budgetary bias and how it shapes what CISOs must understand and master, the unfunded mandate impediment through which each the organization picks winners and losers under the auspices of “doing more with less.” The author suggests a future framework for IT security-management-budget review that includes measures that track expenditure versus the power alignment and how to gauge the net effect on an organization's information-technology security posture.
Chapter Preview
Top

Background

A compromise to national security due to a neglected component of an IT security posture could cause death, damage to trust and reputation, undermining the critical infrastructure of America (Pawlak and Wendling, 2013). On the corporate side, we have seen the impact of a major breach with Equifax, a single instance losing millions of records and costing shareholders $4B in market capitalization, with more loss expected in the hundreds of pending lawsuits (“Equifax Breach: Cyber Insurance To The Rescue?!,” 2017). With such severe consequences, why would there be any hesitation to fund IT security in all four components?

Complete Chapter List

Search this Book:
Reset