| Authors: | Katsikas S., Yannacopoulos A., Gritzalis S., Lambrinoudakis C., Hatzopoulos P. |
|---|
| Title: | How much should we pay for security? |
|---|
| Conference: | IFIP 11.1-11.5 Joint Working Conference on Security Management, Integrity and Internal Control in Information Systems |
|---|
| Editors: | B. Thuraisingham |
|---|
| Ed: | Yes |
|---|
| Eds: | No |
|---|
| Pages: | 59-70 |
|---|
| To appear: | No |
|---|
| Month: | December |
|---|
| Year: | 2005 |
|---|
| Place: | Fairfax, Virginia |
|---|
| Pubisher: | Springer |
|---|
| Link: | http://link.springer.com/content/pdf/10.1007%2F0-387-31167-X_4.pdf |
|---|
| File name: | |
|---|
| Abstract: | Information systems security has become a top priority issue for most organizations worldwide IT managers try to protect their systems through a series of technical security measures. Even though these measures can be determined through risk analysis, the appropriate amount that should be invested in Information Systems security is, by and large, determined empirically. Organizations would also wish to insure their information systems against potential security incidents. In this case both parties, namely the organization and the insurance company would be interested in calculating a fair, mutually beneficial premium. In this paper a probabilistic structure, in the form of a Markov model, is used to provide some insight into these issues. |
|---|
Greek