Towards Integrating Insurance Data into Information Security Investment Decision Making

被引:0
|
作者
Woods, Daniel W. [1 ]
Simpson, Andrew C. [1 ]
机构
[1] Univ Oxford, Dept Comp Sci, Wolfson Bldg,Parks Rd, Oxford OX1 3QD, England
来源
2018 INTERNATIONAL CONFERENCE ON CYBER SITUATIONAL AWARENESS, DATA ANALYTICS AND ASSESSMENT (CYBER SA) | 2018年
基金
英国工程与自然科学研究理事会;
关键词
Risk assessment; data; empirical security; quantifying risk; quantifying impact; cyber insurance;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Making security investment decisions involves giving consideration to a variety of risks. However, there is little robust empirical evidence that can be used to support this process. This paper builds a road-map for incorporating cyber insurance data into existing security investment models. We propose an approach for using this data as an input for one investment model and introduce three distinct methods for evaluating the effectiveness of a new investment. We then describe a road-map for improving the insurance data collection process that aims to improve data utility for researchers. This approach could benefit those trying to justify an investment at all levels by providing evidence for the return on security.
引用
收藏
页数:6
相关论文
共 50 条
  • [1] A model of the information security investment decision-making process
    Dor, Daniel
    Elovici, Yuual
    [J]. COMPUTERS & SECURITY, 2016, 63 : 1 - 13
  • [2] Integrating Alternative Data (Also Known as ESG Data) in Investment Decision Making
    In, Soh Young
    Rook, Dane
    Monk, Ashby
    [J]. GLOBAL ECONOMIC REVIEW, 2019, 48 (03) : 237 - 260
  • [3] An economic analysis of information security investment decision making for substitutable enterprises
    Li, Xiaotong
    Xue, Qianyao
    [J]. MANAGERIAL AND DECISION ECONOMICS, 2021, 42 (05) : 1306 - 1316
  • [4] A game of information security investment considering security insurance and complementary information assets
    Qian, Xiaofei
    Yang, Wujuan
    Pei, Jun
    Liu, Xinbao
    Pardalos, Panos M.
    [J]. INTERNATIONAL TRANSACTIONS IN OPERATIONAL RESEARCH, 2022, 29 (03) : 1791 - 1824
  • [5] Integrated framework for information security investment and cyber insurance
    Wang, Shaun S.
    [J]. PACIFIC-BASIN FINANCE JOURNAL, 2019, 57
  • [6] Decision making of optimal investment in information security for complementary enterprises based on game theory
    Li, Xiaotong
    [J]. TECHNOLOGY ANALYSIS & STRATEGIC MANAGEMENT, 2021, 33 (07) : 755 - 769
  • [7] Dynamic Information Security Decision Making
    Ruo, Hu
    Hong, Xu
    [J]. ADVANCING KNOWLEDGE DISCOVERY AND DATA MINING TECHNOLOGIES, PROCEEDINGS, 2009, : 412 - 416
  • [8] Integrating data quality data into decision-making process: An information visualization approach
    Zhu, Bin
    Shankar, G.
    Cai, Yu
    [J]. HUMAN INTERFACE AND THE MANAGEMENT OF INFORMATION: METHODS, TECHNIQUES AND TOOLS IN INFORMATION DESIGN, PT 1, PROCEEDINGS, 2007, 4557 : 366 - 369
  • [9] Analytical Techniques for Decision Making on Information Security for Big Data Breaches
    Albeshri, Aiiad
    Thayananthan, Vijey
    [J]. INTERNATIONAL JOURNAL OF INFORMATION TECHNOLOGY & DECISION MAKING, 2018, 17 (02) : 527 - 545
  • [10] Towards an optimal information security investment strategy
    Wang, Zikai
    Song, Haitao
    [J]. PROCEEDINGS OF 2008 IEEE INTERNATIONAL CONFERENCE ON NETWORKING, SENSING AND CONTROL, VOLS 1 AND 2, 2008, : 756 - 761
12345