Abstract :
The author proposes concepts that could help in assessing the economic impact of computer security measures. The Parker-Benson mode is considered, and attention is given to such issues as the broadening of cost-benefit analysis (CBA) and information vs. security economics. It is concluded that it is possible to afford the difficult task of demonstrating the cost-effectiveness of security measures by broadening traditional CBA techniques. It is suggested that a new approach to security is necessary. Preventive, detective, and corrective measures should not be regarded as a further burden. Very often, they characterize the uniqueness of a processor or a product with respect to its competitors
Keywords :
economics; security of data; Parker-Benson mode; computer security measures; corrective measures; cost-benefit analysis; cost-effectiveness; economic impact; security economics; security measures; traditional CBA techniques; Access control; Communication system security; Computer security; Costs; Data security; Information security; Investments; Microeconomics; Resource management; Time measurement;
