This book explores the economic, behavioral and legal factors that drive information security risks and solutions. It contains contributions from many leading researchers in the field and is ideal for managers and policy makers.
Security has been a human concern since the dawn of time. With the rise of the digital society, information security has rapidly grown to an area of serious study and ongoing research. While much research has focused on the technical aspects of computer security, far less attention has been given to the management issues of information risk and the economic concerns facing firms and nations. Managing Information Risk and the Economics of Security provides leading edge thinking on the security issues facing managers, policy makers, and individuals. Many of the chapters of this volume were presented and debated at the 2008 Workshop on the Economics of Information Security (WEIS), hosted by the Tuck School of Business at Dartmouth College. Sponsored by Tuck's Center for Digital Strategies and the Institute for Information Infrastructure Protection (I3P), the conference brought together over one hundred information security experts, researchers, academics, reporters, corporate executives, government officials, cyber crime investigators and prosecutors. The group represented the global nature of information security with participants from China, Italy, Germany, Canada, Australia, Denmark, Japan, Sweden, Switzerland, the United Kingdom and the US. This volume would not be possible without the dedicated work Xia Zhao (of Dartmouth College and now the University of North Carolina, Greensboro) who acted as the technical editor.
Security has been a human concern since the dawn of time. With the rise of the digital society, information security has rapidly grown to an area of serious study and ongoing research. While much research has focused on the technical aspects of computer security, far less attention has been given to the management issues of information risk and the economic concerns facing firms and nations. Managing Information Risk and the Economics of Security provides leading edge thinking on the security issues facing managers, policy makers, and individuals. Many of the chapters of this volume were presented and debated at the 2008 Workshop on the Economics of Information Security (WEIS), hosted by the Tuck School of Business at Dartmouth College. Sponsored by Tuck's Center for Digital Strategies and the Institute for Information Infrastructure Protection (I3P), the conference brought together over one hundred information security experts, researchers, academics, reporters, corporate executives, government officials, cyber crime investigators and prosecutors. The group represented the global nature of information security with participants from China, Italy, Germany, Canada, Australia, Denmark, Japan, Sweden, Switzerland, the United Kingdom and the US. This volume would not be possible without the dedicated work Xia Zhao (of Dartmouth College and now the University of North Carolina, Greensboro) who acted as the technical editor.
From the reviews:
"The book is a collection of recent, relevant papers by well-established researchers in the field of information security management. The book is well edited, the style and format is consistent, and the quality of production is high. There is a detailed table of contents and a simple index, typical of an edited collection of papers. The book will be useful to those interested in information security, particularly those involved in understanding and managing information risk." (David B. Henderson, ACM Computing Reviews, June, 2009)
"The book is a collection of recent, relevant papers by well-established researchers in the field of information security management. The book is well edited, the style and format is consistent, and the quality of production is high. There is a detailed table of contents and a simple index, typical of an edited collection of papers. The book will be useful to those interested in information security, particularly those involved in understanding and managing information risk." (David B. Henderson, ACM Computing Reviews, June, 2009)