Economic valuation for information security investment: a systematic literature review
Author
Abstract
Suggested Citation
DOI: 10.1007/s10796-016-9648-8
Download full text from publisher
As the access to this document is restricted, you may want to search for a different version of it.
References listed on IDEAS
- Huang, C. Derrick & Behara, Ravi S., 2013. "Economics of information security investment in the case of concurrent heterogeneous attacks with budget constraints," International Journal of Production Economics, Elsevier, vol. 141(1), pages 255-268.
- R. H. Strotz, 1955. "Myopia and Inconsistency in Dynamic Utility Maximization," The Review of Economic Studies, Review of Economic Studies Ltd, vol. 23(3), pages 165-180.
- Maryam Alavi & John C. Henderson, 1981. "An Evolutionary Strategy for Implementing a Decision Support System," Management Science, INFORMS, vol. 27(11), pages 1309-1323, November.
- Richard H. Thaler & Cass R. Sunstein, 2023.
"Libertarian paternalism,"
Chapters, in: Cass R. Sunstein & Lucia A. Reisch (ed.), Research Handbook on Nudges and Society, chapter 1, pages 10-16,
Edward Elgar Publishing.
- Richard H. Thaler & Cass R. Sunstein, 2003. "Libertarian Paternalism," American Economic Review, American Economic Association, vol. 93(2), pages 175-179, May.
- Amanda Eisenga & Travis L. Jones & Walter Rodriguez, 2012. "Investing in IT Security: How to Determine the Maximum Threshold," International Journal of Information Security and Privacy (IJISP), IGI Global, vol. 6(3), pages 75-87, July.
- Hausken, Kjell, 2006. "Income, interdependence, and substitution effects affecting incentives for security investment," Journal of Accounting and Public Policy, Elsevier, vol. 25(6), pages 629-665.
- Thomas L. Saaty, 1994. "How to Make a Decision: The Analytic Hierarchy Process," Interfaces, INFORMS, vol. 24(6), pages 19-43, December.
- Gordon, Lawrence A. & Loeb, Martin P. & Lucyshyn, William, 2003. "Sharing information on computer systems security: An economic analysis," Journal of Accounting and Public Policy, Elsevier, vol. 22(6), pages 461-485.
- Cass R. Sunstein & Richard H. Thaler, 2003. "Libertarian paternalism is not an oxymoron," Conference Series ; [Proceedings], Federal Reserve Bank of Boston, vol. 48(Jun).
- Khansa, Lara & Liginlal, Divakaran, 2009. "Valuing the flexibility of investing in security process innovations," European Journal of Operational Research, Elsevier, vol. 192(1), pages 216-235, January.
- Lawrence Gordon & Martin Loeb & Tashfeen Sohail & Chih-Yang Tseng & Lei Zhou, 2008. "Cybersecurity, Capital Allocations and Management Control Systems," European Accounting Review, Taylor & Francis Journals, vol. 17(2), pages 215-241.
- Gordon, Lawrence A. & Loeb, Stephen E., 1982. "Accounting and public policy," Journal of Accounting and Public Policy, Elsevier, vol. 1(1), pages 1-3.
- Hausken, Kjell, 2007. "Information sharing among firms and cyber attacks," Journal of Accounting and Public Policy, Elsevier, vol. 26(6), pages 639-688.
Citations
Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
Cited by:
- Martin Eling & Michael McShane & Trung Nguyen, 2021. "Cyber risk management: History and future research directions," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 24(1), pages 93-125, March.
- Simon Trang & Benedikt Brendel, 2019. "A Meta-Analysis of Deterrence Theory in Information Security Policy Compliance Research," Information Systems Frontiers, Springer, vol. 21(6), pages 1265-1284, December.
- David Rios Insua & Aitor Couce‐Vieira & Jose A. Rubio & Wolter Pieters & Katsiaryna Labunets & Daniel G. Rasines, 2021. "An Adversarial Risk Analysis Framework for Cybersecurity," Risk Analysis, John Wiley & Sons, vol. 41(1), pages 16-36, January.
- Mazaher Kianpour & Stewart J. Kowalski & Harald Øverby, 2021. "Systematically Understanding Cybersecurity Economics: A Survey," Sustainability, MDPI, vol. 13(24), pages 1-28, December.
- Chenglong Zhang & Nan Feng & Jianjian Chen & Dahui Li & Minqiang Li, 0. "Outsourcing Strategies for Information Security: Correlated Losses and Security Externalities," Information Systems Frontiers, Springer, vol. 0, pages 1-18.
- Yosra Miaoui & Noureddine Boudriga, 0. "Enterprise security investment through time when facing different types of vulnerabilities," Information Systems Frontiers, Springer, vol. 0, pages 1-40.
- Petar Radanliev & David Roure & Max Kleek & Uchenna Ani & Pete Burnap & Eirini Anthi & Jason R. C. Nurse & Omar Santos & Rafael Mantilla Montalvo & La’Treall Maddox, 2021. "Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems: cyber risk at the edge," Environment Systems and Decisions, Springer, vol. 41(2), pages 236-247, June.
- Martin (Dae Youp) Kang & Anat Hovav, 2020. "Benchmarking Methodology for Information Security Policy (BMISP): Artifact Development and Evaluation," Information Systems Frontiers, Springer, vol. 22(1), pages 221-242, February.
- Yosra Miaoui & Noureddine Boudriga, 2019. "Enterprise security investment through time when facing different types of vulnerabilities," Information Systems Frontiers, Springer, vol. 21(2), pages 261-300, April.
- Chenglong Zhang & Nan Feng & Jianjian Chen & Dahui Li & Minqiang Li, 2021. "Outsourcing Strategies for Information Security: Correlated Losses and Security Externalities," Information Systems Frontiers, Springer, vol. 23(3), pages 773-790, June.
Most related items
These are the items that most often cite the same works as this one and are cited by the same works as this one.- Daniel Schatz & Rabih Bashroush, 2017. "Economic valuation for information security investment: a systematic literature review," Information Systems Frontiers, Springer, vol. 19(5), pages 1205-1228, October.
- Xing Gao & Weijun Zhong & Shue Mei, 2014. "A game-theoretic analysis of information sharing and security investment for complementary firms," Journal of the Operational Research Society, Palgrave Macmillan;The OR Society, vol. 65(11), pages 1682-1691, November.
- Xing Gao & Weijun Zhong, 2016. "A differential game approach to security investment and information sharing in a competitive environment," IISE Transactions, Taylor & Francis Journals, vol. 48(6), pages 511-526, June.
- Xinbao Liu & Xiaofei Qian & Jun Pei & Panos M. Pardalos, 2018. "Security investment and information sharing in the market of complementary firms: impact of complementarity degree and industry size," Journal of Global Optimization, Springer, vol. 70(2), pages 413-436, February.
- Markus Haavio & Kaisa Kotakorpi, 2012.
"Sin Licenses Revisited,"
CESifo Working Paper Series
4010, CESifo.
- Markus Haavio and Kaisa Kotakorpi, 2012. "Sin Licenses Revisited," Discussion Papers 75, Aboa Centre for Economics.
- Mazaher Kianpour & Stewart J. Kowalski & Harald Øverby, 2021. "Systematically Understanding Cybersecurity Economics: A Survey," Sustainability, MDPI, vol. 13(24), pages 1-28, December.
- Hausken, Kjell, 2024. "Fifty Years of Operations Research in Defense," European Journal of Operational Research, Elsevier, vol. 318(2), pages 355-368.
- Kjell Hausken, 2017. "Security Investment, Hacking, and Information Sharing between Firms and between Hackers," Games, MDPI, vol. 8(2), pages 1-23, May.
- Maria Alessandra Antonelli & Valeria De Bonis & Angelo Castaldo & Alessandrao Gandolfo, 2022. "Sin goods taxation: an encompassing model," Public Finance Research Papers 52, Istituto di Economia e Finanza, DSGE, Sapienza University of Rome.
- Kjell Hausken, 2018. "Proactivity and Retroactivity of Firms and Information Sharing of Hackers," International Game Theory Review (IGTR), World Scientific Publishing Co. Pte. Ltd., vol. 20(01), pages 1-30, March.
- Axel H. Börsch-Supan & Tabea Bucher-Koenen & Michael D. Hurd & Susann Rohwedder, 2018. "Saving Regret," NBER Working Papers 25238, National Bureau of Economic Research, Inc.
- Levitin, Gregory & Hausken, Kjell & Taboada, Heidi A. & Coit, David W., 2012. "Data survivability vs. security in information systems," Reliability Engineering and System Safety, Elsevier, vol. 100(C), pages 19-27.
- Linda Thunström & Jonas Nordström & Jason F. Shogren & Mariah Ehmke & Klaas Veld, 2016.
"Strategic self-ignorance,"
Journal of Risk and Uncertainty, Springer, vol. 52(2), pages 117-136, April.
- Thunstrom, Linda & Nordstrom, Jonas & Shogren, Jason F. & Ehmke, Mariah D., 2012. "Strategic Self-Ignorance," 2012 Annual Meeting, August 12-14, 2012, Seattle, Washington 123949, Agricultural and Applied Economics Association.
- Thunström, Linda & Nordström, Jonas & Shogren, Jason F. & Ehmke, Mariah & van 't Veld, Klaas, 2013. "Strategic Self-Ignorance," Working Papers 2013:17, Lund University, Department of Economics.
- Krügel, Sebastian & Uhl, Matthias, 2023. "Is only one of my selves authentic? An empirical approach," Journal of Behavioral and Experimental Economics (formerly The Journal of Socio-Economics), Elsevier, vol. 102(C).
- Daniel Serra, 2019.
"Neuroeconomics and modern neuroscience,"
CEE-M Working Papers
halshs-02160907, CEE-M, Universtiy of Montpellier, CNRS, INRA, Montpellier SupAgro.
- Daniel Serra, 2019. "Neuroeconomics and modern neuroscience," Working Papers halshs-02160907, HAL.
- Yong Wu & Mengyao Xu & Dong Cheng & Tao Dai, 2022. "Information Security Strategies for Information-Sharing Firms Considering a Strategic Hacker," Decision Analysis, INFORMS, vol. 19(2), pages 99-122, June.
- Chul Ho Lee & Xianjun Geng & Srinivasan Raghunathan, 2016. "Mandatory Standards and Organizational Information Security," Information Systems Research, INFORMS, vol. 27(1), pages 70-86, March.
- Yu, Pei Cheng, 2020.
"Seemingly exploitative contracts,"
Journal of Economic Behavior & Organization, Elsevier, vol. 176(C), pages 299-320.
- Pei-Cheng Yu, 2018. "Seemingly Exploitative Contracts," Discussion Papers 2018-15, School of Economics, The University of New South Wales.
- Robert Sugden, 2015. "Consumers' surplus when individuals lack integrated preferences: A development of some ideas from Dupuit," The European Journal of the History of Economic Thought, Taylor & Francis Journals, vol. 22(6), pages 1042-1063, December.
- Matthias Uhl, 2011. "Do Self-Committers Mind Other-Imposed Commitment? An Experiment on Weak Paternalism," Rationality, Markets and Morals, Frankfurt School Verlag, Frankfurt School of Finance & Management, vol. 2(40), June.
More about this item
Keywords
Information systems; Information security; Econometrics; Return on security investment; Systematic literature review; Managerial risk accounting;All these keywords.
Statistics
Access and download statisticsCorrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:infosf:v::y::i::d:10.1007_s10796-016-9648-8. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .
Please note that corrections may take a couple of weeks to filter through the various RePEc services.