Managing cybersecurity resources : a cost-benefit analysis

Breaches in cybersecurity are on the rise. Between 1998 and 2003, reported cybersecurity incidents increased over thirty-fold. Well-publicized information security breaches have made cybersecurity a critical and timely topic for the general public, as well as for corporations, not-for-profit organizations and the government. As a result, organizations need to be able to make the business case for spending the right amount on cybersecurity. They also need to know how to efficiently allocate these funds to specific cybersecurity activities. Managing Cybersecurity Resources is the first book to specifically focus on providing a framework for understanding how to use economic and financial management tools in helping to address these important issues.The McGraw-Hill Homeland Security Series draws on frontline government, military, and business experts to detail what individuals and businesses can and must do to understand and move forward in this challenging new environment. Books in this timely and noteworthy series will cover everything from the balance between freedom and safety to strategies for protection of intellectual, business, and personal property to structures and goals of terrorist groups including Al-Qaeda.

Preface vii Acknowledgments xi 1. Introduction 2. A Cost-Benefit Framework for Cybersecurity 3. The Costs and Benefits Related to Cybersecurity Breaches 4. The Right Amount to Spend on Cybersecurity 5. Risk Management and Cybersecurity 6. The Business Case for Cybersecurity 7. Cybersecurity Auditing 8. Cybersecurity's Role in National Security 9. Concluding Comments Glossary Acronyms References Selected Annotated Bibliography Index