nach oben

Erschienen in:

2009 | OriginalPaper | Buchkapitel

1. Managing Information Risk and the Economics of Security

verfasst von : M. Eric Johnson

Erschienen in: Managing Information Risk and the Economics of Security

Verlag: Springer US

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Information risk and the economics of managing security is a concern of private-sector executives, public policy makers, and citizens. In this introductory chapter, we examine the nature of information risk and security economics from multiple perspectives including chief information security officers of large firms, representatives from the media that cover information security for both technical and mass media publications, and agencies of the government involved in cyber crime investigation and prosecution. We also briefly introduce the major themes covered in the five primary sections of the book.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Nächstes Kapitel Nonbanks and Risk in Retail Payments: EU and U.S.

Many people contributed to this overview by framing panel discussions at WEIS, recording panelist discussions, and directly contributing to related publications. In particular, I thank Jane Applegate of Tuck’s Center for Digital Strategies and Eric Goetz of the I3Pfor their direct contributions to this manuscript. This material is based upon work partially supported by the U.S. Department of Homeland Security under Grant Award Numbers 2006-CS-001-000001 and 2003-TK-TX-0003, under the auspices of the Institute for Information Infrastructure Protection (I3P) and through the Institute for Security Technology Studies (ISTS). The I3P is managed by Dartmouth College. The views and conclusions contained in this document are those of the authors and should not be interpreted as necessarily representing the official policies, either expressed or implied, of the U.S. Department of Homeland Security, the I3P, ISTS, or Dartmouth College.

Acohido, B. and Swartz, J. Zero Day Threat, Steerling Publishing, New York, NY, 2008.

Andrijcic, Eand Horowitz, B. “A Macro-Economic Framework for Evaluation of Cyber Security Risks Related to Protection of Intellectual Property,” Risk Analysis, Vol. 26(4), 2006, pp. 907–923.CrossRef

Anderson, R. Security Engineering, Second Edition, Wiley Publishing Inc, Indianapolis, IN, 2008.

Anderson, Rand Moore, T. “The Economics of Information Security,” Science 314(5799) 2006, pp. 610–613.CrossRef

Camp, J.,Economics of Identity Theft, Springer Science+Business Media, New York, NY, 2007.

Goetz, E. and Johnson, M.E. “Security through Information Risk Management.” I3P Technical Report. Dartmouth College, 2007. http://mba.tuck.dartmouth.edu/ digital/Programs/Corporate Events/CISO2007/Overview.pdf.

Goetz, E. and Shenoi, S. Critical Infrastructure Protection, Springer Science+Business Media, New York, NY, 2008.

Gordon, L.A. and Loeb, M.P. “Process For Deciding on Information Security Expenditures: Empirical Evidence,” Communications of the ACM, (January), 2006, pp. 121–125.

Johnson, M.E., Goetz, E., and Pfleeger, S.L. “Security through Information Risk Management,” forthcoming in IEEE Security and Privacy, 2008.

Johnson, M.E. and Goetz, E. “Embedding Information Security Risk Management into the Extended Enterprise,” IEEE Security and Privacy, 5(3), 2007, pp. 16–24.CrossRef

Jolly, D. “Fraud Costs French Bank $7.1 Billion,” New York Times, 2008.

Kannan, K. and Telang, R. “Market for Software Vulnerabilities? Think Again,” Management Science (51:5), 2005, pp. 726–740.CrossRef

Pereira, J., Levitz, J., and Singer-Vine, J. “Some Stores Quiet Over Card Breach,” Wall Street Journal, August 11, 2008, B1.

Sidel, R. “Stores Blame Checkout Software for Security Breaches,” Wall Street Journal, January 18, 2007, D1.

Titel: Managing Information Risk and the Economics of Security
verfasst von: M. Eric Johnson
Verlag: Springer US
Buch: Managing Information Risk and the Economics of Security
Print ISBN: 978-0-387-09761-9

Electronic ISBN: 978-0-387-09762-6

Copyright-Jahr: 2009
DOI: https://doi.org/10.1007/978-0-387-09762-6_1

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner