This paper provides an analysis of how the benefits of information segmentation can assist an organization to derive the appropriate amount to invest in cybersecurity from a cost-benefit perspective. An analytical mod...This paper provides an analysis of how the benefits of information segmentation can assist an organization to derive the appropriate amount to invest in cybersecurity from a cost-benefit perspective. An analytical model based on the framework of the Gordon-Loeb Model (<span><span><span style="font-family:Verdana;">[1]</span><span></span></span></span><span><span></span></span><span></span><span><span></span></span><span style="font-family:Verdana;"><span style="font-family:Verdana;"><span style="font-family:Verdana;">) is presented that provides a set of sufficient conditions for information segmentation to lower the total investments in cybersecurity and the expected loss from cybersecurity breaches. A numerical example illustrating the insights gained from the model is also presented.</span></span></span>展开更多
Given the importance of cybersecurity to the survival of an organization, a fundamental economics-based question that must be addressed by all organizations is: How much should be invested in cybersecurity related act...Given the importance of cybersecurity to the survival of an organization, a fundamental economics-based question that must be addressed by all organizations is: How much should be invested in cybersecurity related activities? Gordon and Loeb [1] presented a model to address this question, and that model has received a significant amount of attention in the academic and practitioner literature. The primary objective of this paper is to discuss the Gordon-Loeb Model with a focus on gaining insights for the model’s use in a practical setting.展开更多
文摘This paper provides an analysis of how the benefits of information segmentation can assist an organization to derive the appropriate amount to invest in cybersecurity from a cost-benefit perspective. An analytical model based on the framework of the Gordon-Loeb Model (<span><span><span style="font-family:Verdana;">[1]</span><span></span></span></span><span><span></span></span><span></span><span><span></span></span><span style="font-family:Verdana;"><span style="font-family:Verdana;"><span style="font-family:Verdana;">) is presented that provides a set of sufficient conditions for information segmentation to lower the total investments in cybersecurity and the expected loss from cybersecurity breaches. A numerical example illustrating the insights gained from the model is also presented.</span></span></span>
文摘Given the importance of cybersecurity to the survival of an organization, a fundamental economics-based question that must be addressed by all organizations is: How much should be invested in cybersecurity related activities? Gordon and Loeb [1] presented a model to address this question, and that model has received a significant amount of attention in the academic and practitioner literature. The primary objective of this paper is to discuss the Gordon-Loeb Model with a focus on gaining insights for the model’s use in a practical setting.