The Price of Security: The Challenge of Measuring Business Value Investments in Securing Information Systems
نویسنده
چکیده
With powerful regulations surrounding security and privacy of information, the authors attempt to identify challenges valuing information security investments. The authors examine three primary approaches to measuring information value: Perceived, Real, and Normative. Literature is reviewed and the approaches are examined in terms of their strengths and weaknesses in providing value measurements for secure information systems. A framework is presented to suggest at what level in an organization and in what situations these information value approaches are most suitable.
منابع مشابه
Comparing Different Methodologies Used To Ensure the Security of RFID Credit Card: A Comparative Analysis
The use of Radio Frequency Identification (RFID) advancement is turning out to be rapidly transversely over an extensive variety of business undertakings. Engineers apply the development not simply in customary applications, for instance, asset or stock after, also in security organizations, electronic travel papers and RFID-embedded card. In any case, RFID development moreover brings different...
متن کاملComparing Different Methodologies Used To Ensure the Security of RFID Credit Card: A Comparative Analysis
The use of Radio Frequency Identification (RFID) advancement is turning out to be rapidly transversely over an extensive variety of business undertakings. Engineers apply the development not simply in customary applications, for instance, asset or stock after, also in security organizations, electronic travel papers and RFID-embedded card. In any case, RFID development moreover brings different...
متن کاملامنیت اطلاعات سامانه های تحت وب نهاد کتابخانه های عمومی کشور
Purpose: This paper aims to evaluate the security of web-based information systems of Iran Public Libraries Foundation (IPLF). Methodology: Survey method was used as a method for implementation. The tool for data collection was a questionnaire, based on the standard ISO/IEC 27002, that has the eleven indicators and 79 sub-criteria, which examines security of web-based information systems of IP...
متن کاملCritical Success Factors in implementing information security governance (Case study: Iranian Central Oil Fields Company)
The oil industry, as one of the main industries of the country, has always faced cyber attacks and security threats. Therefore, the integration of information security in corporate governance is essential and a governance challenge. The integration of information security and corporate governance is called information security governance. In this research, we identified "critical success factor...
متن کاملMeasuring gas demand security using Principal Component Analysis (PCA): A case study
Safeguarding the energy security is an important energy policy goal of every country. Assuring sufficient and reliable resources of energy at affordable prices is the main objective of energy security. Due to such reasons as special geopolitical position, terrorist attacks and other unrest in the Middle East, securing Iran’s energy demand and increasing her natural gas exports have turned into ...
متن کامل