IT security risk management under network effects and layered protection strategy
Research output: Journal Publications and Reviews (RGC: 21, 22, 62) › 21_Publication in refereed journal › peer-review
Author(s)
Detail(s)
| Original language | English |
|---|---|
| Pages (from-to) | 331-348 |
| Journal / Publication | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| Volume | 3073 |
| Publication status | Published - 2004 |
| Externally published | Yes |
Link(s)
Abstract
This paper considers the implications of network effects and distinction of security measures in the risk management procedure. We compare three models in the risk management procedure: without network effects and general protection measures, without network effects but with general protection, and with both network effects and general protection measures. The paper details the impact in terms of security risks, investment levels, and benefits of security investment, in the three models. We show that the preferable way to conduct risk management procedure is to follow the latter of the three models.
Citation Format(s)
IT security risk management under network effects and layered protection strategy. / Yue, Wei T.; Cakanyildirim, Metin; Ryu, Young U. et al.
In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 3073, 2004, p. 331-348.
In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 3073, 2004, p. 331-348.
Research output: Journal Publications and Reviews (RGC: 21, 22, 62) › 21_Publication in refereed journal › peer-review
