Information Security Investment: Expected Utility Approach with Correlated Information Assets

被引:0
|
作者
Park, Sungjune [1 ]
Mayadunne, Sanjaya [2 ]
机构
[1] Univ North Carolina Charlotte, Charlotte, NC 28223 USA
[2] Georgia Gwinnett Coll, Lawrenceville, GA USA
来源
AMCIS 2015 PROCEEDINGS | 2015年
关键词
Information security; expected utility approach; risk taking;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
This paper analyzes the information security investment decisions by a firm with two correlated information assets. When information assets are correlated, a firm may face additional losses compared to a loss from a single breach, and the probability of security breach on one set may increase the probability on the other. We model the security investment of a risk-taking firm as well as risk-neutral firm by taking an expected utility approach. We then compare the decisions made by a risk-taking firm to those made by a risk-neutral firm. We will also examine how decision maker allocates funds in protecting two information sets with a limited budget.
引用
收藏
页数:1
相关论文
共 50 条
  • [1] A game of information security investment considering security insurance and complementary information assets
    Qian, Xiaofei
    Yang, Wujuan
    Pei, Jun
    Liu, Xinbao
    Pardalos, Panos M.
    INTERNATIONAL TRANSACTIONS IN OPERATIONAL RESEARCH, 2022, 29 (03) : 1791 - 1824
  • [2] Returns to information security investment: Endogenizing the expected loss
    Kjell Hausken
    Information Systems Frontiers, 2014, 16 : 329 - 336
  • [3] Returns to information security investment: Endogenizing the expected loss
    Hausken, Kjell
    INFORMATION SYSTEMS FRONTIERS, 2014, 16 (02) : 329 - 336
  • [4] EXPECTED INFORMATION AS EXPECTED UTILITY
    BERNARDO, JM
    ANNALS OF STATISTICS, 1979, 7 (03): : 686 - 690
  • [5] SECURITY IN HUMAN INFORMATION ASSETS
    Mario Cadavid-Aguirre, Jorge
    REVISTA DIGITAL LAMPSAKOS, 2013, (10): : 17 - 19
  • [6] INFORMATION AND OPTIMAL INVESTMENT IN DEFAULTABLE ASSETS
    Di Nunno, Giulia
    Sjursen, Steffen
    INTERNATIONAL JOURNAL OF THEORETICAL AND APPLIED FINANCE, 2014, 17 (08)
  • [7] Expected utility maximization for an insurer with investment and risk control under inside information
    Peng, Xingchun
    COMMUNICATIONS IN STATISTICS-THEORY AND METHODS, 2022, 51 (04) : 1029 - 1053
  • [8] Valuing information security investment: A real options approach
    Wang, Jun
    Ding, Bin
    Ren, YunFei
    Zheng, JiaXiang
    Guo, HongYu
    2012 FIFTH INTERNATIONAL CONFERENCE ON BUSINESS INTELLIGENCE AND FINANCIAL ENGINEERING (BIFE), 2012, : 279 - 284
  • [9] A value-at-risk approach to information security investment
    Wang, Jingguo
    Chaudhury, Aby
    Rao, H. Raghav
    INFORMATION SYSTEMS RESEARCH, 2008, 19 (01) : 106 - 120
  • [10] Information security - Protecting your assets
    Vince, J
    ASLIB PROCEEDINGS, 1996, 48 (04): : 109 - 115
12345