The costs and benefits related to cyber security breaches - PowerPoint PPT Presentation

1 / 7
About This Presentation
Title:

The costs and benefits related to cyber security breaches

Description:

The costs and benefits related to cyber security breaches Chapter 3 Gordon & Loeb Benefits of Cyber Security The benefits of cyber security are essentially the ... – PowerPoint PPT presentation

Number of Views:144
Avg rating:3.0/5.0
Slides: 8
Provided by: Dr2122
Category:

less

Transcript and Presenter's Notes

Title: The costs and benefits related to cyber security breaches


1
The costs and benefits related to cyber security
breaches
Chapter 3 Gordon Loeb
2
Benefits of Cyber Security
  • The benefits of cyber security are essentially
    the costs savings associated with prevented cyber
    security breaches.
  • So to understand the benefits of cyber security
    we must be able to quantify the costs associated
    with any security breaches.
  • We do this by examining the forms and magnitudes
    of the cyber security breaches and potential
    impacts of each

3
Costs of Cyber Security Attacks
  • Direct costs
  • Costs associated with the personnel, hardware,
    software needed dedicated to preventing,
    detecting and correcting specific breaches.
  • Indirect costs
  • Costs that cannot be linked directly to a single
    attack event.
  • Includes intrusion detection systems
  • Explicit costs
  • Costs that can be measured in a specific manner
    i.e. firewalls, encryption, access controls and
    other technical activities to assure security,
    access and data integrity.
  • Implicit costs
  • Are often opportunity costs such as lost revenues
  • reputation, potential legal liability etc.

4
The Cyber Security Grid and Direct costs
  • Most studies believe that the implicit costs of
    Cyber security breaches are usually the highest
  • However, in 2004 the Computer Security Institute
    and the FBI study found that organizations lost
    over 141 million in direct losses due to Cyber
    security breaches.
  • Many believe that very few companies actually
    report any breaches at all.

Confidentiality
Data availability
Data integrity
Explicit Costs
Indirect costs
Implicit Costs
Direct costs
5
Approaches to measure impacts of Cyber Security
  • Some studies have looked at the implicit costs of
    the value of a company on the stock market that
    has experienced a Cyber security breach.
  • The finding on a study published in Journal of
    Computer Security in 2003 found that attacks
    involving confidentiality had an impact on the
    value of a stock (negative 5)
  • That is a loss of 5,000,000,000 for a company
    the size of Wal-Mart or Exxon Mobile.

6
Some findings
  • The authors observe (p65) that
  • It is a myth to assume that all Cyber security
    breaches have a significant economic impact on
    organizations. The reality is that a large
    portion of Cyber security breaches does not have
    an economic impact on organizations
  • However, confidentiality attacks do have an
    impact.

7
Your Turn!
Q A
Write a Comment
User Comments (0)
About PowerShow.com