Read more
Security has been a human concern since the dawn of time. With the rise of the digital society, information security has rapidly grown to an area of serious study and ongoing research. While much research has focused on the technical aspects of computer security, far less attention has been given to the management issues of information risk and the economic concerns facing firms and nations. Managing Information Risk and the Economics of Security provides leading edge thinking on the security issues facing managers, policy makers, and individuals. Many of the chapters of this volume were presented and debated at the 2008 Workshop on the Economics of Information Security (WEIS), hosted by the Tuck School of Business at Dartmouth College. Sponsored by Tuck's Center for Digital Strategies and the Institute for Information Infrastructure Protection (I3P), the conference brought together over one hundred information security experts, researchers, academics, reporters, corporate executives, government officials, cyber crime investigators and prosecutors. The group represented the global nature of information security with participants from China, Italy, Germany, Canada, Australia, Denmark, Japan, Sweden, Switzerland, the United Kingdom and the US. This volume would not be possible without the dedicated work Xia Zhao (of Dartmouth College and now the University of North Carolina, Greensboro) who acted as the technical editor.
List of contents
Managing Information Risk and the Economics of Security.- Nonbanks and Risk in Retail Payments: EU and U.S..- Security Economics and European Policy.- BORIS -Business ORiented management of Information Security.- Productivity Space of Information Security in an Extension of the Gordon-Loeb's InvestmentModel.- Communicating the Economic Value of Security Investments: Value at Security Risk.- Modelling the Human and Technological Costs and Benefits of USB Memory Stick Security.- The Value of Escalation and Incentives in Managing Information Access.- Reinterpreting the Disclosure Debate for Web Infections.- The Impact of Incentives on Notice and Take-down.- Studying Malicious Websites and the Underground Economy on the Chinese Web.- Botnet Economics: Uncertainty Matters.- Cyber Insurance as an Incentivefor Internet Security.- Conformity or Diversity: Social Implications of Transparency in Personal Data Processing.- Is Distributed Trust More Trustworthy?.
Summary
Security has been a human concern since the dawn of time. With the rise of the digital society, information security has rapidly grown to an area of serious study and ongoing research. While much research has focused on the technical aspects of computer security, far less attention has been given to the management issues of information risk and the economic concerns facing firms and nations. Managing Information Risk and the Economics of Security provides leading edge thinking on the security issues facing managers, policy makers, and individuals. Many of the chapters of this volume were presented and debated at the 2008 Workshop on the Economics of Information Security (WEIS), hosted by the Tuck School of Business at Dartmouth College. Sponsored by Tuck’s Center for Digital Strategies and the Institute for Information Infrastructure Protection (I3P), the conference brought together over one hundred information security experts, researchers, academics, reporters, corporate executives, government officials, cyber crime investigators and prosecutors. The group represented the global nature of information security with participants from China, Italy, Germany, Canada, Australia, Denmark, Japan, Sweden, Switzerland, the United Kingdom and the US. This volume would not be possible without the dedicated work Xia Zhao (of Dartmouth College and now the University of North Carolina, Greensboro) who acted as the technical editor.
Additional text
From the reviews:
"The book is a collection of recent, relevant papers by well-established researchers in the field of information security management. The book is well edited, the style and format is consistent, and the quality of production is high. There is a detailed table of contents and a simple index, typical of an edited collection of papers. The book will be useful to those interested in information security, particularly those involved in understanding and managing information risk." (David B. Henderson, ACM Computing Reviews, June, 2009)
Report
From the reviews:
"The book is a collection of recent, relevant papers by well-established researchers in the field of information security management. The book is well edited, the style and format is consistent, and the quality of production is high. There is a detailed table of contents and a simple index, typical of an edited collection of papers. The book will be useful to those interested in information security, particularly those involved in understanding and managing information risk." (David B. Henderson, ACM Computing Reviews, June, 2009)
