Cost-Benefit analysis of security investments: methodology and case study
2005
We live in an unsafe world in which we encounter threats against our safety and security every day. This is especially true in the information processing environment. Managements are engaging and facing difficult problems to manage information security issues. One of the most brain-teasing management issues is “How they could make a decision on security-related investment to maximize the economic balance?” To solve this problem the ROI of security investments must be measured and managed. This paper provides the integrated methodology which consists of a process model and analysis criteria of cost factors and benefit factors to support an economic justification of security investments. Also, a case study is provided to show practicality of this methodology.
Keywords:
- Computer security model
- Security through obscurity
- Information security
- Management science
- Operations research
- Computer science
- Security convergence
- Asset (computer security)
- Return on investment
- Security information and event management
- Distributed computing
- Cloud computing security
- Mathematical optimization
- Risk analysis (engineering)
- Correction
- Source
- Cite
- Save
- Machine Reading By IdeaReader
30
References
13
Citations
NaN
KQI