期刊
INFORMATION & MANAGEMENT
卷 52, 期 1, 页码 123-134出版社
ELSEVIER
DOI: 10.1016/j.im.2014.10.009
关键词
Information security management; Security investment decisions; Simulation; System dynamics
Managing security for information assets is a critically important and challenging task. As organizations provide clients with ubiquitous access to information systems and the frequency and sophistication of security threats grows, the need to provide security assumes greater importance. Effective information security management requires security resources be deployed on multiple fronts, including attack prevention, vulnerability reduction, and threat deterrence. Using a system dynamics model, this study evaluates alternative security management strategies through an investment and security cost lens, to provide managers guidance for security decisions. The results suggest that investing in security detection tools has a higher payoff than does deterrence investment. (C) 2014 Elsevier B.V. All rights reserved.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据