Back to Search
Start Over
Network externalities, layered protection and IT security risk management
- Source :
- Decision Support Systems. 44:1-16
- Publication Year :
- 2007
- Publisher :
- Elsevier BV, 2007.
-
Abstract
- This paper considers two important issues related to security risk management. First, the presence of network externalities in security risks. Second, the distinction of general (network) and system-specific protection measures. We found the optimal allocation of security resources (investments) in protecting every system in an organization. The results show that the consideration of network externalities and layered protection changes the risk mitigation decisions significantly. In addition, accurate estimation of system risk plays a critical role in the success of risk management. Otherwise, the use of a uniform baseline protection approach may be more desirable when the misjudgment of relative system risks is likely to occur.
- Subjects :
- Information Systems and Management
business.industry
Inversion (meteorology)
Computer security
computer.software_genre
Management Information Systems
IT risk management
Arts and Humanities (miscellaneous)
Production manager
Developmental and Educational Psychology
Information system
Security management
Business
computer
Network effect
Externality
Risk management
Information Systems
Subjects
Details
- ISSN :
- 01679236
- Volume :
- 44
- Database :
- OpenAIRE
- Journal :
- Decision Support Systems
- Accession number :
- edsair.doi...........d75a4a170e845fc94e66d5c6b3b22bc4