Search the World's Largest Database of Information Science & Technology Terms & Definitions
InfInfoScipedia LogoScipedia
A Free Service of IGI Global Publishing House
Below please find a list of definitions for the term that
you selected from multiple scholarly research resources.

What is Security Economics

Handbook of Research on Social and Organizational Liabilities in Information Security
Field of study and area of application that analyzes and evaluates costs and benefits, in financial terms, of acquisition, deployment and maintenance of resources such as systems and personnel to provide security of information and informational assets.
Published in Chapter:
An Alternative Model of Information Security Investment
Peter O. Orondo (Acclaim Consulting Group, Inc., USA)
DOI: 10.4018/978-1-60566-132-2.ch008
Most companies would agree that securing their information assets is worth some investment. It is thus plausible to assume that low levels of IT security investment indicate that only a small portion of the firm’s business is IT asset value driven. It could also point to a misaligned corporate investment policy. Conversely, some firms may be investing more than is warranted given the value of their information asset holdings, thereby wasting shareholder resources. The question then becomes: What level of IT security investment is enough? Several models exist to help companies set their IT spending in general and Information Security spending in particular. The leading model out there is the Information Technology Portfolio Management (ITPM) model. This is really nothing more than financial portfolio management theory applied to the information technology realm. Thus ITPM tries to optimize IT spending based on a number of factors like business value, efficiency and cost reduction among others. Despite current vigorous research at esteemed institutions like the Center for Information Systems Research (CISR) at MIT and at the Free University of Amsterdam, ITPM is still in its infancy and the field would benefit from alternative models. In this chapter, we propose an alternative model of IT security spending that firms may readily apply when setting their Information Security budgets. The model is analytical and starts by developing a model for the business value of information. It then develops a model for the cost of an information security breach. Finally, we find the relationship between the value model and the cost model from.
Full Text Chapter Download: US $37.50 Add to Cart
More Results
Research Notes on Emerging Areas of Conflict in Security
Area that focuses on understanding economics of information security processes such as implementation of a technology or incorporation of security measure in an existing business application or institution of a new organizational security policy.
Full Text Chapter Download: US $37.50 Add to Cart
eContent Pro Discount Banner
InfoSci OnDemandECP Editorial ServicesAGOSR