EconPapers    
Economics at your fingertips  
 

Principles for Better Information Security through More Accurate, Transparent Risk Scoring

Crowther Kenneth G, Haimes Yacov Y. and Johnson M. Eric
Additional contact information
Crowther Kenneth G: University of Virginia
Haimes Yacov Y.: University of Virginia
Johnson M. Eric: Dartmouth, Tuck School of Business

Journal of Homeland Security and Emergency Management, 2010, vol. 7, issue 1, 20

Abstract: This paper explores approaches for scoring information security risk that could lead to investment drivers and drive appropriate levels of security. Our approach is grounded on two important factors that determine cyber risk: (1) the information security resources (e.g., technologies, skills, and policies) that reduce the likelihood and consequences of successful information exploits; and (2) the security processes and capabilities that drive a continuous improvement of the security resources in use. The quality of a cyber defense system is the result of the integration of these two factors. This manuscript proposes such a two-factor hierarchical system of scoring, details candidate measures, and explores economic conditions for selecting appropriate measures. We review several scoring systems available that contain elements from this proposed system and discuss conditions for market adoption of information security scoring.

Keywords: risk scoring; cyber security; information security; vulnerability; resilience (search for similar items in EconPapers)
Date: 2010
References: Add references at CitEc
Citations:

Downloads: (external link)
https://doi.org/10.2202/1547-7355.1658 (text/html)
For access to full text, subscription to the journal or payment for the individual article is required.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:bpj:johsem:v:7:y:2010:i:1:p:20:n:15

Ordering information: This journal article can be ordered from
https://www.degruyte ... urnal/key/jhsem/html

DOI: 10.2202/1547-7355.1658

Access Statistics for this article

Journal of Homeland Security and Emergency Management is currently edited by Irmak Renda-Tanali

More articles in Journal of Homeland Security and Emergency Management from De Gruyter
Bibliographic data for series maintained by Peter Golla ().

 
Page updated 2025-06-11
Handle: RePEc:bpj:johsem:v:7:y:2010:i:1:p:20:n:15