Abstract | ||
---|---|---|
This paper considers two important issues related to security risk management. First, the presence of network externalities in security risks. Second, the distinction of general (network) and system-specific protection measures. We found the optimal allocation of security resources (investments) in protecting every system in an organization. The results show that the consideration of network externalities and layered protection changes the risk mitigation decisions significantly. In addition, accurate estimation of system risk plays a critical role in the success of risk management. Otherwise, the use of a uniform baseline protection approach may be more desirable when the misjudgment of relative system risks is likely to occur. |
Year | DOI | Venue |
---|---|---|
2007 | 10.1016/j.dss.2006.08.009 | Decision Support Systems |
Keywords | Field | DocType |
it risk management,risk management,security resource,layered protection change,system-specific protection measure,relative system risk,system risk,it security risk management,network externality,security risk management,security resource planning,security risk,risk mitigation decision,it risk mitigation,security investments,it risk analysis,risk factor,economy,inversion,systemic risk,risk analysis,externality,risk mitigation,information system,computer security,reactive system,it security,investment,resource allocation,production management,planning | Information system,Computer science,Computer security,Risk analysis (business),Risk factor (computing),Network effect,Resource allocation,Risk management,IT risk management,Security management | Journal |
Volume | Issue | ISSN |
44 | 1 | Decision Support Systems |
Citations | PageRank | References |
25 | 1.42 | 20 |
Authors | ||
4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Wei T. Yue | 1 | 113 | 12.11 |
Metin Çakanyildirim | 2 | 150 | 12.59 |
Young U. Ryu | 3 | 390 | 34.23 |
Dengpan Liu | 4 | 107 | 7.93 |