Welcome to the InfoSci Platform
Analyzing Risks to Determine a New Return on Security Investment: Optimizing Security in an Escalating Threat Environment

Analyzing Risks to Determine a New Return on Security Investment: Optimizing Security in an Escalating Threat Environment

Warren Axelrod
Copyright: © 2007 |Pages: 25
ISBN13: 9781599041711|ISBN10: 1599041715|ISBN13 Softcover: 9781616927783|EISBN13: 9781599041735
DOI: 10.4018/978-1-59904-171-1.ch001
Cite Chapter Cite Chapter

MLA

Axelrod, Warren. "Analyzing Risks to Determine a New Return on Security Investment: Optimizing Security in an Escalating Threat Environment." Managing Information Assurance in Financial Services, edited by H.R. Rao, et al., IGI Global, 2007, pp. 1-25. https://doi.org/10.4018/978-1-59904-171-1.ch001

APA

Axelrod, W. (2007). Analyzing Risks to Determine a New Return on Security Investment: Optimizing Security in an Escalating Threat Environment. In H. Rao, M. Gupta, & S. Upadhyaya (Eds.), Managing Information Assurance in Financial Services (pp. 1-25). IGI Global. https://doi.org/10.4018/978-1-59904-171-1.ch001

Chicago

Axelrod, Warren. "Analyzing Risks to Determine a New Return on Security Investment: Optimizing Security in an Escalating Threat Environment." In Managing Information Assurance in Financial Services, edited by H.R. Rao, Manish Gupta, and Shambhu J. Upadhyaya, 1-25. Hershey, PA: IGI Global, 2007. https://doi.org/10.4018/978-1-59904-171-1.ch001

Export Reference

Mendeley
Favorite

Abstract

This chapter expands upon standard methods of calculating the return on security investment (ROSI) in several ways. First, it accounts for the dynamic nature of threats, vulnerabilities, and defenses as they apply to the finance sector. Second, it takes a more holistic view of security investments using a portfolio method. The protection of information assets can be viewed in two ways. One is the hierarchical view of security measures, such as avoidance, deterrence, and prevention. The other is defense in depth, wherein various security tools and processes, such as firewalls, identity and access management, and intrusion detection and prevention products, are combined for greater overall protection. The reader will gain a deeper understanding of the factors that affect the risks and returns of investments in security measures, tools, and processes and will find that using the portfolio approach leads to more cost-effective security.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.