The economics of information security investment
ACM Transactions on Information and System Security (TISSEC)
Evaluating information security investments using the analytic hierarchy process
Communications of the ACM - Medical image modeling
Budgeting process for information security expenditures
Communications of the ACM - Personal information management
Building a better password: the role of cognitive load in information security training
ISI'09 Proceedings of the 2009 IEEE international conference on Intelligence and security informatics
| Hi-index | 0.00 |
Information security is a growing concern for today's businesses though it does not always get enough attention. One problem is justifying the budget necessary to properly protect information systems. This paper explores why information security should be a priority for businesses and deals with how a security expert can model potential losses for their organization. There is no silver bullet for modeling security risks so this paper discusses various methods that can be used as guidelines for professionals to make well informed decisions. Not all losses are able to be modeled correctly and for this reason they may be overlooked or improperly understood by an organization. Non-financial losses such as the potential for stock devaluation due to damaged reputations are also explored.