Who's on the first—with probability 0.4
Computers and Operations Research
The economics of information security investment
ACM Transactions on Information and System Security (TISSEC)
Stakeholder Value Driven Threat Modeling for Off the Shelf Based Systems
ICSE COMPANION '07 Companion to the proceedings of the 29th International Conference on Software Engineering
Archetypal behavior in computer security
Journal of Systems and Software
Information security and risk management
Communications of the ACM - The psychology of security: why do good users make bad decisions?
The importance of information security spending: an economic approach
Proceedings of the 2008 Spring simulation multiconference
A Layered Decision Model for cost-effective system security
International Journal of Information and Computer Security
Decision-Theoretic and Game-Theoretic Approaches to IT Security Investment
Journal of Management Information Systems
A compound real option and AHP methodology for evaluating ICT business alternatives
Telematics and Informatics
Maximizing network security given a limited budget
The Fifth Richard Tapia Celebration of Diversity in Computing Conference: Intellect, Initiatives, Insight, and Innovations
Information security investment decisions: evaluating the Balanced Scorecard method
International Journal of Business Information Systems
QoE in multi-service multi-agent networks
International Journal of Communication Networks and Distributed Systems
Dependability metrics
A web-based multi-perspective decision support system for information security planning
Decision Support Systems
Security metrics and security investment models
IWSEC'10 Proceedings of the 5th international conference on Advances in information and computer security
Maximising resource allocation effectiveness for IT security investments
International Journal of Business Information Systems
Managing the investment in information security technology by use of a quantitative modeling
Information Processing and Management: an International Journal
Information Systems and e-Business Management
Information Resources Management Journal
Information Resources Management Journal
The economic impact of cyber terrorism
The Journal of Strategic Information Systems
Hi-index | 0.00 |
In today's information-based economy, organizations must avoid costly information security breaches. Unfortunately, organizations cannot make all of their information 100% secure all of the time. There are economic, as well as technical, impediments that prevent perfect information security. Accordingly, organizations usually prepare an annual fixed (limited) budget for the maintenance and improvement of their information security systems. Two key issues confront the chief information security officer (CISO) of an organization: how to spend this limited information security budget most effectively, and how to make the case to the organization's chief financial officer (CFO) for an increase in funds to further enhance the organization's information security. The primary objective of this article is to show how to use the analytic hierarchy process (AHP) to address these two information security issues.