Towards a standard approach for quantifying an ICT security investment
نویسندگان
چکیده
The rise of the potential risks from different attacks on ICT systems means the investment in security technology is growing and is becoming a serious economic issue for many organizations. The assessment of the appropriate investment that is economically affordable and provides enough protection for the enterprise information system is an issue that is analysed here. The paper discusses the identification of the assets, the threats, the vulnerabilities of the ICT systems and provides an approach for the quantification of the necessary investment. The paper concludes with a recommendation for a standard approach to security-information investment assessment. © 2007 Elsevier B.V. All rights reserved.
منابع مشابه
An economic modelling approach to information security risk management
This paper presents an approach enabling economic modelling of information security risk management in contemporaneous businesses and other organizations. In the world of permanent cyber attacks to ICT systems, risk management is becoming a crucial task for minimization of the potential risks that can endeavor their operation. The prevention of the heavy losses that may happen due to cyber atta...
متن کاملBusiness Process Model-Based Evaluation of ICT Investments in Public Administrations
This paper presents an approach to asses ICT investments in public administrations. The public sector bears great potential for business process optimization through ICT. However, these possibilities remain largely unexploited since the effects of ICT on the processes are not clear to decisions makers. To asses this impact all processes of a public administration, the process landscape, have to...
متن کاملQuantitative evaluation of software security: an approach based on UML/SecAM and evidence theory
Quantitative and model-based prediction of security in the architecture design stage facilitates early detection of design faults hence reducing modification costs in subsequent stages of software life cycle. However, an important question arises with respect to the accuracy of input parameters. In practice, security parameters can rarely be estimated accurately due to the lack of sufficient kn...
متن کاملThe Role of ICT indices in Tourism Demand of Iran (The FMOLS Co-integrating Approach)
The ICT is one of the main determinant factors of e-commerce industry such as tourism industry in developing countries like Iran. For this purpose, the main objective of this paper is to investigate the long-run relationship between ICT indices such as internet users, government expenditures on ICT to the GDP and mobile cellular in Iranian economy during the 1976-2014. The empirical model has b...
متن کاملAn approach to enhance the security of ICT infrastructure through legal, regulatory influences
As information systems and networks (ICTs) are increasingly used by governments, different organisations, businesses and end-users worldwide, there has been a common interest in promoting the security of such systems through a variety of methods and approaches. This interest is important to address the challenges posed by the potential harm from security failures of the systems to national econ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Computer Standards & Interfaces
دوره 30 شماره
صفحات -
تاریخ انتشار 2008