Purchase Solution

Information Security Reviews

Not what you're looking for?

Ask Custom Question

Case Assignment
Revisit Bruce Schneier's presentation in Module 2. This time, please focus on his discussions on cost/benefit analysis.
Schneier, B. (2008). What are the implications of spying? CCTV interview with Bruce Schneier. Retrieved from https://www.youtube.com/watch?v=Ar67N94NYr0

If you don't have access to the presentation, then simply read his article mentioned in Module 2. The article is:

Schneier, Bruce. The Psychology of Security. http://www.schneier.com/essay-155.html

The following article provides an example how such a cost/benefit analysis is considered.

Schneier, Bruce. Security at What Cost? National ID System Is Not Worth The $23 Billion Price Tag. http://www.schneier.com/essay-207.html.

The following article uses some typical accounting measurements for economics of information security.

Gordon, L. A., & Richardson, R. (2004). The New Economics of Information Security. Optimize. April, 83-86. (Trident Online Library: ProQuest)

The following article recaps what we talked about perceptions of security. More importantly, it discusses how people generally do not perceive gains and costs equally. When you conduct a cost/benefit analysis of security, you should keep that in mind.

West, R. (2008). The psychology of security. Communications of the ACM, Apr, 51(4), 34-40.

Incentive Design
The economics of information security is not only about cost/benefit analysis of implementing a security measure. Another major topic in economics is mechanism design, which provides principles and methods (like game theory) to help design incentive-compatible mechanisms that ensure participants are better off behaving honestly than dishonestly. See the following article to get a peek:

The Economist. (2007) Intelligent Design. Oct 18th, 2007. http://www.economist.com/finance/displaystory.cfm?story_id=9988840

To know more about the three Nobel Prize winners in 2007 economics division, surf http://nobelprize.org/nobel_prizes/economics/laureates/2007/ and check them out.

It is not easy to understand the revelation principle or the incentive-compatible design. I introduce you the concepts here for the purpose of making you aware of such a method. It takes time to learn how to design a game (a mechanism) that every party is better off by being honest.

Well, on a lighter note. Interestingly, a movie called "Mad Money" tells a story of three female employees of the Federal Reserve Bank stealing money that is about to be shredded. It is not a movie that I recommend to watch a second time, but it is entertaining enough to watch once. The movie is also a fit for the educational purpose here. I suggest you watch it once when you get a chance during this term, and pay special attention to the human factors -- especially the incentives of the thieves and the Chief Security Officer.

Other Economics Issues as to Security
As a matter of fact, there are many aspects in applying economics to information security. The following article has mentioned a list of authors that research economics of information security and provided a brief overview of their research:

Anderson R. and Schneier B., (2005) Economics of Information Security, IEEE Security and Privacy 3 (1), 2005, pp. 12-13. (Retrieved May 19, 2008).

To know more in depth, you can choose to view the video (optional):

Simonyi Konferencia 2011 - Economics of Information Security and Privacy. Retrieved from http://www.youtube.com/watch?v=fSfH80DY6S4

You are probably overwhelmed now with all these economics. I hope you also have broadened your views on security and have said "wow" to yourself that now you hold a much broader view on security and how to approach it from economic perspective.

Please write a 4- to 6-page paper discussing what you have learned:

What are the economic considerations of information security and its management?

In preparing your paper, you need to discuss the following issues, and support with arguments and evidence:

What are the major economic considerations in information security and management?
Are these economic considerations serving their purposes?
Why do these economic measures help?
Discuss economic mechanisms that can improve information security and management.
Provide a comparative table of the economic measures that you discussed.

Purchase this Solution
Solution Summary

The review into information security within business markets seeking economic measures withing mechanism design.

Solution Preview

1. What are the major economic considerations in information security and management?

Consider the main areas in concern deals with costs and benefit to secure the objective in tagging the population to decipher certain threats. Thus, the mechanism design offers a way to measure progress within a certain area of focus industry, such as, information security employed in business economics for success. In particular, the research should hone on considerations related - to the mechanism to decipher integral ways that offer newer solutions than before for lasting impressions within the targeted industry marketplace for long-term assessment as well as performance.

2. Are these economic considerations serving their purposes?

Try and think, in "most cases" the economic considerations are serving the higher potential for "mechanism design" due to the overwhelming efforts in syncing both (a) information security - to (b) technology - that advances the hugely important area of economics for countries progression into the targeted marketplace. By doing so, the core objective to reduce any dismal performance can achieve the desired results accordingly for maximal results. Consider the economic interactions in ways that either adapt to the marketplace or react differently due to extreme ...

Solution provided by:
Nichel Anderson, MBA, PhD (IP)
Education
  • BA, American Intercontinental University
  • MBA, American Intercontinental University
  • PhD (IP), Grand Canyon University
Recent Feedback
  • "Thank you!"
  • "Thank you"
  • "amazing"
  • "No comments "
  • "No comment"
Purchase this Solution
Free BrainMass Quizzes
SWOT

This quiz will test your understanding of the SWOT analysis, including terms, concepts, uses, advantages, and process.

Situational Leadership

This quiz will help you better understand Situational Leadership and its theories.

IPOs

This Quiz is compiled of questions that pertain to IPOs (Initial Public Offerings)

Lean your Process

This quiz will help you understand the basic concepts of Lean.

Understanding Management

This quiz will help you understand the dimensions of employee diversity as well as how to manage a culturally diverse workforce.

View More Free Quizzes
Related BrainMass Solutions

  • Workplace Security

    Some of these key tasks are, establish a security plan, conduct quality assurance reviews, conduct investigations, and develop key policies and procedures, and many other miscellaneous items.

  • Segregation of Duties

    SOD places limitations on what organizations can do and is most frequently used in audits and/or security reviews. Reference Spafford, G. (2006) Segregate Duties to Lessen Security Risks.

  • Human Safeguards: Security of Information Systems

    545388 Human Safeguards and Security of Information Systems The case study: Discuss some human safeguards for employees that can ensure the security of information systems.

  • CV Template

    In general, one does not include personal information in a cv, and professional organizations and SACS discourages such information. This includes social security, DL, date of birth, family status, place of birth, etc.

  • Social Security Administration

    It is important that management information is collected as processes are improved and the information is used internally to evaluate new procedures on an ongoing basis.

  • Components of Internal Control

    The controller reviews sales and collections bimonthly. j. The computer compares the information on the sales invoice with underlying shipping information. k.

  • database administrator

    The DBA will perform reviews on the design and code frequently to ensure the site standards are being adhered to.

  • Information Technology in Health Care

    The US Department of Health and Human Services' Office for Civil Rights is responsible for administering and enforcing the HIPAA Privacy and Security Rules and conducts associated complaint investigations, compliance reviews, and audits.

  • Review of Articles on Elements of Computer Security

    Computer Security. Principles and Practice. New Jersey, NJ: Pearson Education, Inc. This solution reviews three recent articles on elements of computer security. This paper examines the key elements of the computer security.

  • System Development Life Cycle (SDLC) and e-Business

    A formal authorization to operate after design reviews and system tests are performed to ensure that it meets the required security specifications. 4.

View More Related Solutions