Cybersecurity Investment Guidance: Extensions of the Gordon and Loeb Model
Loading...
Author/Creator
Author/Creator ORCID
Date
2016-03-16
Type of Work
Department
Program
Citation of Original Publication
Farrow, Scott; Szanton, Jules; Cybersecurity Investment Guidance: Extensions of the Gordon and Loeb Model; Journal of Information Security, Vol.7, No.2,pp 15-28, 16 March, 2016; http://dx.doi.org/10.4236/jis.2016.72002
Rights
This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
Attribution 4.0 International (CC BY 4.0)
Attribution 4.0 International (CC BY 4.0)
Subjects
Abstract
Extensions of the Gordon-Loeb [1] and the Gordon-Loeb-Lucyshyn-Zhou [2] models are presented based on mathematical equivalency with a generalized homeland security model. The extensions include limitations on changes in the probability of attack, simultaneous effects on probability and loss, diversion of attack, and shared non-information defenses. Legal cases are then investigated to assess approximate magnitudes of external effects and the extent they are internalized by the legal system.