Abstract
This chapter applies real options analytic framework to firms' investment activity in information security technology and then a dynamic analysis of information security investment is explored by extending Gordon-Loeb (2002). The current research provides how firms have to respond to immediate or remote threat numerically. It shows that although positive drift of threat causes both larger and later investment expenditure, negative drift causes immediate investment and lower investment expenditure. The efficiency of vulnerability reduction technology encourages firms to invest earlier and induces cost reduction. To know the form of vulnerability is important because the effect of high vulnerability on timing and amount of the investment expenditure is mixed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Copeland, T., Antikarnov, V.: Real Options: A Practitioner’s guide. Texere (2001)
Dixit, A.K., Pindyck, R.S.: Investment Under Uncertainty. Princeton University Press (1994)
Gordon L.A., Loeb, M.P.: The economics of information security investment. ACM Transactions on Information and System Security 5(4), 438–457 (2002)
Gordon, L.A., Loeb, M.P., Lucyshyn, W.: Information security expenditures and real options: A wait-and-see approach. Computer Security Journal 19(2), 1–7 (2003)
Gal-Or, E., Ghose, A.: The economic incentives for sharing security information. Information Systems Research 16(2), 186–208 (2005)
Herath, H., Harath, T.: Investments in information security: A real options perspective with bayesian postaudit. Journal of Management Information Systems 25(3), 337–375 (2009)
Pindyck, R. S. (1991). Irreversibility, uncertainty, and investment. Journal of Economic Literature 29(3), 1110–1148.
Roundtable discussion in WEIS 2003 http://www.cpppe.umd.edu/rhsmith3/agenda.htm
Trigeorgis, L.: Real Options. MIT Press (1996)
Willemson, J.: On the Gordon & Loeb model for information security investment. In: Proceedings of the 5thWorkshop on the Economics of Information Security (WEIS). Cambridge, UK (2006)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer Science+Business Media, LLC
About this paper
Cite this paper
Tatsumi, Ki., Goto, M. (2010). Optimal Timing of Information Security Investment: A Real Options Approach. In: Moore, T., Pym, D., Ioannidis, C. (eds) Economics of Information Security and Privacy. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-6967-5_11
Download citation
DOI: https://doi.org/10.1007/978-1-4419-6967-5_11
Published:
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-6966-8
Online ISBN: 978-1-4419-6967-5
eBook Packages: Computer ScienceComputer Science (R0)