Measuring computer system security using software security metrics
Proceedings of the 2nd IFIP international conference on Computer security: a global challenge
Business in the Information Age: Heading for New Processes
Business in the Information Age: Heading for New Processes
Security attribute evaluation method: a cost-benefit approach
Proceedings of the 24th International Conference on Software Engineering
Communications of the ACM - E-services: a cornucopia of digital offerings ushers in the next Net-based evolution
Assessing the Risk in E-commerce
HICSS '02 Proceedings of the 35th Annual Hawaii International Conference on System Sciences (HICSS'02)-Volume 7 - Volume 7
Journal of Computer Security - IFIP 2000
Basic Concepts and Taxonomy of Dependable and Secure Computing
IEEE Transactions on Dependable and Secure Computing
Improving CVSS-based vulnerability prioritization and response with context information
ESEM '09 Proceedings of the 2009 3rd International Symposium on Empirical Software Engineering and Measurement
Addressing misalignment between information security metrics and business-driven security objectives
Proceedings of the 6th International Workshop on Security Measurements and Metrics
Knowing the Enemy at the Gates: Measuring Attacker Motivation
International Journal of Interdisciplinary Telecommunications and Networking
| Hi-index | 0.00 |
Growing business integration raises the need for secure business processes as security problems can affect the profit and the reputation of a company. However, decisions regarding a reasonable level of security in a business environment are often made in a value-neutral way.This paper presents a framework for the valuation of cost-benefit of various security levels with business processes. The framework can be used for planning security levels in software development and allows further continuous monitoring and improvement of cost-benefit of security measures along with operative business processes.