As with all aspects of business and the economy, information security is an economic function. Security can be modeled as a maintenance or insurance cost as a relative function but never in absolute terms. As such, security can be seen as a cost function that leads to the prevention of loss, but not one that can create gains (or profit). With the role of a capital investment to provide a return on investment, security is a defense against unforeseen losses that cost capital and reduce profitability. In this paper we assess the individual security cost and model our assessment in economic terms. This assessment is vital in determining the cost benefit in applying costly security controls in our systems in general and software in particular.
|Title of host publication||Computational Intelligence in Security for Information Systems|
|Subtitle of host publication||Proceedings of the 4th International Conference, CISIS 2011|
|Editors||Ãlvaro Herrero, Emilio Corchado|
|Place of Publication||Germany|
|Number of pages||8|
|Publication status||Published - 2011|
|Event||4th International Conference on Computational Intelligence in Security for Information Systems: CISIS 2011 - Hotel Melia Costa del Sol, Torremolinos, Málaga, Spain|
Duration: 08 Jun 2011 → 10 Jun 2011
http://www.springer.com/gp/book/9783642213229 (Conference proceedings )
https://web.archive.org/web/20110720145129/http://gicap.ubu.es/cisis2011/home/home.shtml (Conference website)
|Name||Security and Cryptology|
|Conference||4th International Conference on Computational Intelligence in Security for Information Systems|
|Period||08/06/11 → 10/06/11|
|Other||CISIS aims to offer a meeting opportunity for academic and industry-related researchers belonging to the various, vast communities of Computational Intelligence, Information Security, and Data Mining. The need for intelligent, flexible behaviour by large, complex systems, especially in mission-critical domains, is intended to be the catalyst and the aggregation stimulus for the overall event.|
Wright, C., & Zia, T. (2011). Rationally Opting for the Insecure Alternative: Negative Externalities and the Selection of Security Controls. In Ã. Herrero, & E. Corchado (Eds.), Computational Intelligence in Security for Information Systems: Proceedings of the 4th International Conference, CISIS 2011 (Vol. 6694, pp. 206-213). (Security and Cryptology). Springer.