The Economics of Information Security

Abstract

Information Security breaches have a major economic impact on organizations. The costs of Information Security breaches world wide in the year 2000 exceeded one trillion U.S. dollars. To increase Information security and lower attributed costs, organizations are spending billions in software, hardware and outsourcing. The Federal Government has also passed legislation and implemented policy designed to increase Information Security. These measures have not had the desired effect. With the latest wave of malicious code such as Code Red and SirCam, as well as the multitude of other Information Security breaches, it is estimated the economic impact will continue to be significant. This paper focuses on the challenge presented by the need to assess the economic impact of breaches in Information Security. The economic risks of Information Security breaches are compared to the methods currently being undertaken to mitigate those risks to determine if the resources are being applied in the most efficient manner. The desired outcome of this research is to develop a framework that will assist organizations in identifying the economic risk due to Information Security breaches, and facilitate the application of resources to decrease these risks in the most effective and efficient manner.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Apr 09, 2002
Accession Number
ADA404567

Entities

People

  • William S. Moser

Organizations

  • United States Army War College

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Anti-Virus Software
  • Application Software
  • Commerce
  • Computer Crime
  • Computer Programming
  • Computer Security Software
  • Computers
  • Cyberattacks
  • Cybersecurity
  • Electronic Mail
  • Governments
  • Information Security
  • Information Systems
  • Intrusion Detectors
  • Law
  • Operating Systems
  • War Colleges

Readers

  • Cybersecurity.
  • Economics