Economic Considerations in Information Security and Management

Economic Considerations in Information Security and Management

Introduction

In the speech of Bruce Schneier, it has been realized that security is a reality as well as a feeing according to the psychology. The security can be measured mathematically which helps in analyzing the effectiveness and risks in different countermeasures. For instance, the degree of security of a burglar alarm can be calculated. However, according to Bruce Schneier, security can also be known as a feeling (Anderson & Moore, n.d.). Economic considerations play an effective role in ensuring information security and management. A number of years ago, many researchers realized that misplaced incentives have been the crucial constituent in the failure of many security systems instead of technical reasons (Waldt, 2004). In today's world, systems of hospital's medical records have been offered comprehensive features of billing management to the administrators. However, the commencement of information systems in documenting medical records of the hospital has not been reliable enough to protect privacy of patient (Anderson and Schneier, 2005). The use of automatic teller systems has been the major unreliable source which experienced fraud in many countries such as the Netherlands and the United Kingdom. Without adequate incentives, the poor regulations left banks in order to provide security to their information systems and permitted them to deliver the fraud's cost to their consumers (Cavusoglu, 2004).

In addition to this, the danger and risk of the attacks has become very mush diffused and this is one of the biggest reasons why internet is not protected and secured. Thus, economic considerations appear to be highly important as compared to technical considerations. Hence, effective and efficient information management and security is of great importance according to the perspective of economic considerations. Ever increasing cost and frequency of security violations has made the information security and management important. Each and every security violation of information systems encounters corporate liability, loss of reliability and monetary damage. This paper will represent the importance of economic considerations in ensuring information security and management (Anderson and Schneier, 2005). The manager of Information technology security must consider 4 crucial constituents for ensuring information security and management. An approach of risk management, assessment of the cost of security breach, value from exploitation of various technologies and cost effective technology configuration are the major considerations which the manager of information technology must take into account (Anderson and Schneier, 2005).

The proceeding ...