Information Security Investment: Expected Utility Approach with Correlated Information Assets

被引:0
|
作者
Park, Sungjune [1 ]
Mayadunne, Sanjaya [2 ]
机构
[1] Univ North Carolina Charlotte, Charlotte, NC 28223 USA
[2] Georgia Gwinnett Coll, Lawrenceville, GA USA
来源
AMCIS 2015 PROCEEDINGS | 2015年
关键词
Information security; expected utility approach; risk taking;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
This paper analyzes the information security investment decisions by a firm with two correlated information assets. When information assets are correlated, a firm may face additional losses compared to a loss from a single breach, and the probability of security breach on one set may increase the probability on the other. We model the security investment of a risk-taking firm as well as risk-neutral firm by taking an expected utility approach. We then compare the decisions made by a risk-taking firm to those made by a risk-neutral firm. We will also examine how decision maker allocates funds in protecting two information sets with a limited budget.
引用
收藏
页数:1
相关论文
共 50 条
  • [31] Optimal information security investment in a Healthcare Information Exchange: An economic analysis
    Huang, C. Derrick
    Behara, Ravi S.
    Goo, Jahyun
    DECISION SUPPORT SYSTEMS, 2014, 61 : 1 - 11
  • [32] Investment in real assets and information acquisition: the OCE preferences case
    Giannikos, CI
    Ozenbas, D
    ECONOMICS LETTERS, 2002, 77 (01) : 73 - 78
  • [33] A differential game approach to information security investment under hackers' knowledge dissemination
    Gao, Xing
    Zhong, Weijun
    Mei, Shue
    OPERATIONS RESEARCH LETTERS, 2013, 41 (05) : 421 - 425
  • [34] Information value - An utility approach
    Iyengar, JV
    JOURNAL OF COMPUTER INFORMATION SYSTEMS, 1996, 37 (02) : 37 - 40
  • [35] The Theory of Optimal Investment in Information Security and Adjustment Costs: An Impulse Control Approach
    Goto, Makoto
    Tatsumi, Ken-ichi
    RECENT ADVANCES IN FINANCIAL ENGINEERING 2011, 2012, : 73 - 96
  • [36] Information security investment with budget constraint and security information snaring in resource-snaring environments
    Gao, Xing
    Qiu, Manting
    Wang, Ying
    Wang, Xifan
    JOURNAL OF THE OPERATIONAL RESEARCH SOCIETY, 2023, 74 (06) : 1520 - 1535
  • [37] Outsourcing Strategies for Information Security: Correlated Losses and Security Externalities
    Chenglong Zhang
    Nan Feng
    Jianjian Chen
    Dahui Li
    Minqiang Li
    Information Systems Frontiers, 2021, 23 : 773 - 790
  • [38] A model of return on investment for information systems security
    Al-Humaigani, M
    Dunn, DB
    Proceedings of the 46th IEEE International Midwest Symposium on Circuits & Systems, Vols 1-3, 2003, : 483 - 485
  • [39] Prospect Theory and Information Security Investment Decisions
    Young, Diana K.
    Beebe, Nicole L.
    Chang, Frederick R.
    AMCIS 2012 PROCEEDINGS, 2012,
  • [40] Knowledge sharing and investment decisions in information security
    Liu, Dengpan
    Ji, Yonghua
    Mookerjee, Vijay
    DECISION SUPPORT SYSTEMS, 2011, 52 (01) : 95 - 107
12345