IT Security Investment and Costing Emphasizing Benefits in Times of Limited Budgets

Stöwer, Mechthild; Kraft, Reiner

doi:10.1007/978-3-658-00333-3_4

IT Security Investment and Costing Emphasizing Benefits in Times of Limited Budgets

Mechthild Stöwer⁴ &
Reiner Kraft⁴

Chapter
First Online: 11 December 2012

1257 Accesses

Abstract

This article addresses different approaches for IT security investment cost-benefit analyses and argues calculation approaches that focus on the contribution of IT security procedures to support business process productivity. Several examples show opportunities how to generate economic revenues through appropriate security investments. These examples may serve as blueprints helping IT security mangers to claim appropriate budgets. Open issues are identified for developing more reliable and convincing cost-benefit analysis methods for security investments.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Literature1

Brecht, Matthias; Nowey, Thomas: A Closer Look at Information Security Costs, Workshop on the economics of information security, WEIS conference 2012
Google Scholar
Blumberg, H., Pohlmann, N.: Der IT-Sicherheitsleitfaden, Bonn 2004
Google Scholar
Faisst, U., Prokein, O., Wegmann, N.: Ein Modell zur dynamischen Investitionsrechnung von IT-Sicherheitsmaßnahmen, in Zeitschrift für Betriebswirtschaft, 77:511-538, 2007
Google Scholar
Gadatsch, A., Uebelacker, H.; Wirtschaftlichkeitsbetrachtungen für IT-Security-Projekte in Mörike, M., Teufel, S (Hrsg.); Kosten & Nutzen von IT-Sicherheit, Heidelberg 2006
Google Scholar
Hoo, Soo K.: “How Much is Enough? A Risk-Management Approach to Computer Security,” Stanford 2000
Google Scholar
Neubauer, T.: On the singularity of valuating IT security investments, Eighth IEEE/ACIS International Conference on Computer and Information Science, p. 549-556, 2009
Google Scholar
Pohlmann, N.: Wirtschaftlichkeitsbetrachtungen von IT-Sicherheitsmechanismen, http://www.internet-sicherheit.de/fileadmin/docs/publikationen/Wirtschaftlichkeit_ITsec_06_03_04.pdf
Sonnenreich, W.: Return On Security Investment (ROSI): A Practical Quantitative Model, Journal of Research and Practice in Information Technology, Volume 38, issue 1, 2006
Google Scholar

Download references

Author information

Authors and Affiliations

Fraunhofer-Institute for Secure Information Technology SIT, Darmstadt, Germany
Mechthild Stöwer & Reiner Kraft

Authors

Mechthild Stöwer
View author publications
You can also search for this author in PubMed Google Scholar
Reiner Kraft
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mechthild Stöwer .

Editor information

Editors and Affiliations

DuD Datenschutz und Datensicherung, TeleTrust Deutschland e.V., Eichendorffstr. 16, Erfurt, 99096, Thüringen, Germany
Helmut Reimer
Bornhoefferstr. 40a, Aachen, 52078, Germany
Norbert Pohlmann
Abraham-Lincoln-Str. 46, Wiesbaden, 65189, Germany
Wolfgang Schneider

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Stöwer, M., Kraft, R. (2012). IT Security Investment and Costing Emphasizing Benefits in Times of Limited Budgets. In: Reimer, H., Pohlmann, N., Schneider, W. (eds) ISSE 2012 Securing Electronic Business Processes. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-00333-3_4

Download citation

DOI: https://doi.org/10.1007/978-3-658-00333-3_4
Published: 11 December 2012
Publisher Name: Springer Vieweg, Wiesbaden
Print ISBN: 978-3-658-00332-6
Online ISBN: 978-3-658-00333-3
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics