Enterprise security investment through time when facing different types of vulnerabilities
Author
Abstract
Suggested Citation
DOI: 10.1007/s10796-017-9745-3
Download full text from publisher
As the access to this document is restricted, you may want to search for a different version of it.
References listed on IDEAS
- Michael Hertel & Julia Wiesent, 2013. "Investments in information systems: A contribution towards sustainability," Information Systems Frontiers, Springer, vol. 15(5), pages 815-829, November.
- Menoncin, Francesco, 2002. "Optimal portfolio and background risk: an exact and an approximated solution," Insurance: Mathematics and Economics, Elsevier, vol. 31(2), pages 249-265, October.
- Jack Meyer, 2010.
"Representing risk preferences in expected utility based decision models,"
Annals of Operations Research, Springer, vol. 176(1), pages 179-190, April.
- Meyer, Jack, 2007. "Representing Risk Preferences in Expected Utility Based Decision Models," SCC-76 Meeting, 2007, March 15-17, Gulf Shores, Alabama 9380, SCC-76: Economics and Management of Risk in Agriculture and Natural Resources.
- Sid Browne, 1995. "Optimal Investment Policies for a Firm With a Random Risk Process: Exponential Utility and Minimizing the Probability of Ruin," Mathematics of Operations Research, INFORMS, vol. 20(4), pages 937-958, November.
- Kjell Hausken, 2014. "Returns to information security investment: Endogenizing the expected loss," Information Systems Frontiers, Springer, vol. 16(2), pages 329-336, April.
- Esther Gal-Or & Anindya Ghose, 2005.
"The Economic Incentives for Sharing Security Information,"
Information Systems Research, INFORMS, vol. 16(2), pages 186-208, June.
- Esther Gal-Or & Anindya Ghose, 2005. "The Economic Incentives for Sharing Security Information," Industrial Organization 0503004, University Library of Munich, Germany.
- Derrick Huang, C. & Hu, Qing & Behara, Ravi S., 2008. "An economic analysis of the optimal information security investment in the case of a risk-averse firm," International Journal of Production Economics, Elsevier, vol. 114(2), pages 793-804, August.
- Kjell Hausken, 2006. "Returns to information security investment: The effect of alternative information security breach functions on optimal investment and sensitivity to vulnerability," Information Systems Frontiers, Springer, vol. 8(5), pages 338-349, December.
- Daniel Schatz & Rabih Bashroush, 0. "Economic valuation for information security investment: a systematic literature review," Information Systems Frontiers, Springer, vol. 0, pages 1-24.
- Charness, Gary & Gneezy, Uri & Imas, Alex, 2013. "Experimental methods: Eliciting risk preferences," Journal of Economic Behavior & Organization, Elsevier, vol. 87(C), pages 43-51.
- Huang, C. Derrick & Behara, Ravi S., 2013. "Economics of information security investment in the case of concurrent heterogeneous attacks with budget constraints," International Journal of Production Economics, Elsevier, vol. 141(1), pages 255-268.
- Browne, S., 1995. "Optimal Investment Policies for a Firm with a Random Risk Process: Exponential Utility and Minimizing the Probability of Ruin," Papers 95-08, Columbia - Graduate School of Business.
- J. Francois Outreville, 2014. "Risk Aversion, Risk Behavior, and Demand for Insurance: A Survey," Journal of Insurance Issues, Western Risk and Insurance Association, vol. 37(2), pages 158-186.
- Fang Fang & Manoj Parameswaran & Xia Zhao & Andrew B. Whinston, 2014. "An economic mechanism to manage operational security risks for inter-organizational information systems," Information Systems Frontiers, Springer, vol. 16(3), pages 399-416, July.
- Gordon, Lawrence A. & Loeb, Martin P. & Lucyshyn, William, 2003. "Sharing information on computer systems security: An economic analysis," Journal of Accounting and Public Policy, Elsevier, vol. 22(6), pages 461-485.
- Barry A. Cumbie & Chetan S. Sankar, 2012. "Choice of governance mechanisms to promote information sharing via boundary objects in the disaster recovery process," Information Systems Frontiers, Springer, vol. 14(5), pages 1079-1094, December.
- Christian Ullrich, 2013. "Valuation of IT Investments Using Real Options Theory," Business & Information Systems Engineering: The International Journal of WIRTSCHAFTSINFORMATIK, Springer;Gesellschaft für Informatik e.V. (GI), vol. 5(5), pages 331-341, October.
- Xing Gao & Weijun Zhong & Shue Mei, 2015. "Security investment and information sharing under an alternative security breach probability function," Information Systems Frontiers, Springer, vol. 17(2), pages 423-438, April.
- Sam Ransbotham & Sabyasachi Mitra, 2009. "Choice and Chance: A Conceptual Model of Paths to Information Security Compromise," Information Systems Research, INFORMS, vol. 20(1), pages 121-139, March.
- Hausken, Kjell, 2007. "Information sharing among firms and cyber attacks," Journal of Accounting and Public Policy, Elsevier, vol. 26(6), pages 639-688.
Citations
Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
Cited by:
- Dan J. Kim & Indranil Bose & Arunabha Mukhopadhyay, 2023. "Special Issue on Bright Information and Communication Technologies in the 21st Century," Information Systems Frontiers, Springer, vol. 25(5), pages 1661-1665, October.
- Kjell Hausken & Jonathan W. Welburn, 2021. "Attack and Defense Strategies in Cyber War Involving Production and Stockpiling of Zero-Day Cyber Exploits," Information Systems Frontiers, Springer, vol. 23(6), pages 1609-1620, December.
- Mazaher Kianpour & Stewart J. Kowalski & Harald Øverby, 2021. "Systematically Understanding Cybersecurity Economics: A Survey," Sustainability, MDPI, vol. 13(24), pages 1-28, December.
- Tejaswini C. Herath & Hemantha S. B. Herath & David Cullum, 2023. "An Information Security Performance Measurement Tool for Senior Managers: Balanced Scorecard Integration for Security Governance and Control Frameworks," Information Systems Frontiers, Springer, vol. 25(2), pages 681-721, April.
- Petar Radanliev & David Roure & Max Kleek & Uchenna Ani & Pete Burnap & Eirini Anthi & Jason R. C. Nurse & Omar Santos & Rafael Mantilla Montalvo & La’Treall Maddox, 2021. "Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems: cyber risk at the edge," Environment Systems and Decisions, Springer, vol. 41(2), pages 236-247, June.
Most related items
These are the items that most often cite the same works as this one and are cited by the same works as this one.- Yosra Miaoui & Noureddine Boudriga, 0. "Enterprise security investment through time when facing different types of vulnerabilities," Information Systems Frontiers, Springer, vol. 0, pages 1-40.
- Yong Wu & Gengzhong Feng & Richard Y. K. Fung, 2018. "Comparison of information security decisions under different security and business environments," Journal of the Operational Research Society, Taylor & Francis Journals, vol. 69(5), pages 747-761, May.
- Mazaher Kianpour & Stewart J. Kowalski & Harald Øverby, 2021. "Systematically Understanding Cybersecurity Economics: A Survey," Sustainability, MDPI, vol. 13(24), pages 1-28, December.
- Xing Gao & Weijun Zhong, 2015. "Information security investment for competitive firms with hacker behavior and security requirements," Annals of Operations Research, Springer, vol. 235(1), pages 277-300, December.
- Xing Gao & Weijun Zhong, 2016. "A differential game approach to security investment and information sharing in a competitive environment," IISE Transactions, Taylor & Francis Journals, vol. 48(6), pages 511-526, June.
- Xinbao Liu & Xiaofei Qian & Jun Pei & Panos M. Pardalos, 2018. "Security investment and information sharing in the market of complementary firms: impact of complementarity degree and industry size," Journal of Global Optimization, Springer, vol. 70(2), pages 413-436, February.
- Xing Gao & Weijun Zhong, 2016. "Economic incentives in security information sharing: the effects of market structures," Information Technology and Management, Springer, vol. 17(4), pages 361-377, December.
- Xiaofei Qian & Jun Pei & Xinbao Liu & Mi Zhou & Panos M. Pardalos, 2019. "Information security decisions for two firms in a market with different types of customers," Journal of Combinatorial Optimization, Springer, vol. 38(4), pages 1263-1285, November.
- Xing Gao & Weijun Zhong & Shue Mei, 2014. "A game-theoretic analysis of information sharing and security investment for complementary firms," Journal of the Operational Research Society, Palgrave Macmillan;The OR Society, vol. 65(11), pages 1682-1691, November.
- Xing Gao & Weijun Zhong & Shue Mei, 2015. "Security investment and information sharing under an alternative security breach probability function," Information Systems Frontiers, Springer, vol. 17(2), pages 423-438, April.
- Yong Wu & Mengyao Xu & Dong Cheng & Tao Dai, 2022. "Information Security Strategies for Information-Sharing Firms Considering a Strategic Hacker," Decision Analysis, INFORMS, vol. 19(2), pages 99-122, June.
- Kjell Hausken, 2017. "Security Investment, Hacking, and Information Sharing between Firms and between Hackers," Games, MDPI, vol. 8(2), pages 1-23, May.
- Daniel Schatz & Rabih Bashroush, 2017. "Economic valuation for information security investment: a systematic literature review," Information Systems Frontiers, Springer, vol. 19(5), pages 1205-1228, October.
- Kjell Hausken, 2018. "Proactivity and Retroactivity of Firms and Information Sharing of Hackers," International Game Theory Review (IGTR), World Scientific Publishing Co. Pte. Ltd., vol. 20(01), pages 1-30, March.
- Levitin, Gregory & Hausken, Kjell & Taboada, Heidi A. & Coit, David W., 2012. "Data survivability vs. security in information systems," Reliability Engineering and System Safety, Elsevier, vol. 100(C), pages 19-27.
- Alessandro Fedele & Cristian Roner, 2022.
"Dangerous games: A literature review on cybersecurity investments,"
Journal of Economic Surveys, Wiley Blackwell, vol. 36(1), pages 157-187, February.
- Alessandro Fedele & Cristian Roner, 2020. "Dangerous Games: A Literature Review on Cybersecurity Investments," BEMPS - Bozen Economics & Management Paper Series BEMPS75, Faculty of Economics and Management at the Free University of Bozen.
- Chenglong Zhang & Nan Feng & Jianjian Chen & Dahui Li & Minqiang Li, 0. "Outsourcing Strategies for Information Security: Correlated Losses and Security Externalities," Information Systems Frontiers, Springer, vol. 0, pages 1-18.
- Paul, Jomon A. & Zhang, Minjiao, 2021. "Decision support model for cybersecurity risk planning: A two-stage stochastic programming framework featuring firms, government, and attacker," European Journal of Operational Research, Elsevier, vol. 291(1), pages 349-364.
- Chenglong Zhang & Nan Feng & Jianjian Chen & Dahui Li & Minqiang Li, 2021. "Outsourcing Strategies for Information Security: Correlated Losses and Security Externalities," Information Systems Frontiers, Springer, vol. 23(3), pages 773-790, June.
- Lu Xu & Yanhui Li & Jing Fu, 2019. "Cybersecurity Investment Allocation for a Multi-Branch Firm: Modeling and Optimization," Mathematics, MDPI, vol. 7(7), pages 1-20, July.
More about this item
Keywords
Optimal investment; Information security; Utility theory; Economics of security; Security threats and vulnerabilities;All these keywords.
Statistics
Access and download statisticsCorrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:infosf:v:21:y:2019:i:2:d:10.1007_s10796-017-9745-3. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .
Please note that corrections may take a couple of weeks to filter through the various RePEc services.