Economic methods and decision making by security professionals


Baldwin, A., Beres, Y., Duggan, G. B., Cassassa Mont, M., Johnson, H., Middup, C. and Shiu, S., 2011. Economic methods and decision making by security professionals. In: Tenth Workshop on Economics of Information Security (WEIS 2011), 2011-06-14 - 2011-06-15.

Related documents:

This repository does not currently have the full-text of this item.
You may be able to access a copy if URLs are provided below. (Contact Author)


Increasing reliance on IT and the worsening threat environment mean that organisations are under pressure to invest more in information security. A challenge is that the choices are hard: money is tight, objectives are not clear, and there are many relevant experts and stakeholders. A significant proportion of the research in security economics is about helping people and organisations make better security investment and policy decisions. This paper looks at the impact of methods based on security economics on a set of decision makers. Importantly, the study focused upon experienced security professionals using a realistic security problem relating to client infrastructure. Results indicated that the methods changed the decision processes for these experienced security professionals. Specifically, a broader range of factors were accounted for and included as justifications for the decisions selected. The security professional is an (important and influential) stakeholder in the organization decision making process, and arguably a more complete understanding of the problem is more suitable for persuading a broader business audience. More generally the study complements all research in security economics that is aimed at improving decision making, and suggests ways to proceed and test for the impact of new methods on the actual decision makers.


Item Type Conference or Workshop Items (Paper)
CreatorsBaldwin, A., Beres, Y., Duggan, G. B., Cassassa Mont, M., Johnson, H., Middup, C. and Shiu, S.
DepartmentsFaculty of Humanities & Social Sciences > Health
Research CentresCentre for Pain Research
ID Code27039


Actions (login required)

View Item