Abstract
This article addresses different approaches for IT security investment cost-benefit analyses and argues calculation approaches that focus on the contribution of IT security procedures to support business process productivity. Several examples show opportunities how to generate economic revenues through appropriate security investments. These examples may serve as blueprints helping IT security mangers to claim appropriate budgets. Open issues are identified for developing more reliable and convincing cost-benefit analysis methods for security investments.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
Literature1
Brecht, Matthias; Nowey, Thomas: A Closer Look at Information Security Costs, Workshop on the economics of information security, WEIS conference 2012
Blumberg, H., Pohlmann, N.: Der IT-Sicherheitsleitfaden, Bonn 2004
Faisst, U., Prokein, O., Wegmann, N.: Ein Modell zur dynamischen Investitionsrechnung von IT-Sicherheitsmaßnahmen, in Zeitschrift für Betriebswirtschaft, 77:511-538, 2007
Gadatsch, A., Uebelacker, H.; Wirtschaftlichkeitsbetrachtungen für IT-Security-Projekte in Mörike, M., Teufel, S (Hrsg.); Kosten & Nutzen von IT-Sicherheit, Heidelberg 2006
Hoo, Soo K.: “How Much is Enough? A Risk-Management Approach to Computer Security,” Stanford 2000
Neubauer, T.: On the singularity of valuating IT security investments, Eighth IEEE/ACIS International Conference on Computer and Information Science, p. 549-556, 2009
Pohlmann, N.: Wirtschaftlichkeitsbetrachtungen von IT-Sicherheitsmechanismen, http://www.internet-sicherheit.de/fileadmin/docs/publikationen/Wirtschaftlichkeit_ITsec_06_03_04.pdf
Sonnenreich, W.: Return On Security Investment (ROSI): A Practical Quantitative Model, Journal of Research and Practice in Information Technology, Volume 38, issue 1, 2006
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer Fachmedien Wiesbaden
About this chapter
Cite this chapter
Stöwer, M., Kraft, R. (2012). IT Security Investment and Costing Emphasizing Benefits in Times of Limited Budgets. In: Reimer, H., Pohlmann, N., Schneider, W. (eds) ISSE 2012 Securing Electronic Business Processes. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-00333-3_4
Download citation
DOI: https://doi.org/10.1007/978-3-658-00333-3_4
Published:
Publisher Name: Springer Vieweg, Wiesbaden
Print ISBN: 978-3-658-00332-6
Online ISBN: 978-3-658-00333-3
eBook Packages: Computer ScienceComputer Science (R0)