RISS 검색 - 국내학술지논문 상세보기

부가정보

다국어 초록 (Multilingual Abstract)

This study expands the current body of research by exploring multiple scenarios of insufficient and excessive IT security investments caused by interdependent risks and the interplay between IT security investments and cyber insurance. A key finding is that organizations experiencing interdependent risks with different types of cyber attacks (i.e., targeted and untargeted attacks) use different strategies in making IT security investment decisions and in purchasing cyber insurance policies for their information security risk management than firms that are facing independent risks. The study further provides an economic rationale for employing insurance mechanisms as a risk management solution for information security.

참고문헌 (Reference)

1 Schoemaker, P., "The expected utility model : its variants, purposes, evidence and limitations" 20 (20): 529-563, 1982

2 Kesan, J., "The Economic Case for Cyberinsurance" 2005

3 Brodkin, J, "TJX breach may spur greater adoption of credit card security standards"

4 Muermann, A, "Selfprotection and insurance with interdependencies" 36 (36): 103-123, 2008

5 Weiss, T.R., "Security holes closed in New York Times intranet after hacker intrusion"

6 Grance, T., "Security guide for interconnecting information technology systems" NIST 800-847, 2002

7 Dzung, D, "Security for industrial communication systems" 93 (93): 1152-1177, 2005

8 Doll, M., "Security and Technology Solutions: The 2002 Ernst and Young Digital Security Overview: An Executive Guide and Diagnostic" Ernst and Young LLP 2002

9 Camp, L.J., "Pricing security" 2000

10 Tally, G, "Phisherman: A Phishing Data Repository" 2009

1 Schoemaker, P., "The expected utility model : its variants, purposes, evidence and limitations" 20 (20): 529-563, 1982

2 Kesan, J., "The Economic Case for Cyberinsurance" 2005

3 Brodkin, J, "TJX breach may spur greater adoption of credit card security standards"

4 Muermann, A, "Selfprotection and insurance with interdependencies" 36 (36): 103-123, 2008

5 Weiss, T.R., "Security holes closed in New York Times intranet after hacker intrusion"

6 Grance, T., "Security guide for interconnecting information technology systems" NIST 800-847, 2002

7 Dzung, D, "Security for industrial communication systems" 93 (93): 1152-1177, 2005

8 Doll, M., "Security and Technology Solutions: The 2002 Ernst and Young Digital Security Overview: An Executive Guide and Diagnostic" Ernst and Young LLP 2002

9 Camp, L.J., "Pricing security" 2000

10 Tally, G, "Phisherman: A Phishing Data Repository" 2009

11 Quaas, M, "Natural vs. financial insurance in the management of public-good ecosystems" 65 (65): 397-406, 2008

12 Bandyopadhyay, T., "Mitigation and transfer of information security risk: Investment in financial instruments and technology" The University of Texas at Dallas 2006

13 Ehrlich, I, "Market Insurance, Self-Insurance, and Self-Protection" 80 (80): 623-648, 1972

14 Varian, H, "Managing Online Security Risks"

15 Zhao, X., "Managing Interdependent Information Security Risks: An Investigation of Commercial Cyberinsurance and Risk Pooling Arrangement" 2009

16 Powell, B., "Is cybersecurity a public good? Evidence from the financial services industry" 1 (1): 497-510, 2005

17 Hirshleifer, J., "Investment, interest, and capital" Prentice-Hall 1970

18 Kunreuther, H, "Interdependent security" 26 (26): 231-249, 2003

19 Shim, W., "Interdependent risk and cyber security: An analysis of security investment and cyber insurance" Michigan State University 2010

20 Lakdawalla, D, "Insurance, self-protection, and the economics of terrorism" 89 (89): 1891-1905, 2006

21 Ogut, H., "Information technology security risk management" The University of Texas at Dallas 2006

22 Bhattacharya, J, "Health Insurance and the Obesity Externality" 17 (17): 279-318, 2006

23 Böhme, R., "Cyber-insurance Revisited" 2005

24 Bolot, J, "Cyber insurance as an incentive for Internet security" 2008

25 Turk, R. J., "Cyber incidents involving control systems" Idaho National Engineering and Environmental Laboratory 2005

26 Ogut, H., "Cyber Insurance and IT Security Investment: Impact of Interdependent Risk" 2005

27 Bolot, J, "A new perspective on internet security using insurance" 2008

28 Gordon, L., "A framework for using insurance for cyber-risk management" 46 (46): 81-85, 2003

29 Hau, A., "A Note on Insurance Coverage in Incomplete Markets" 66 (66): 433-442, 1999

30 Richardson, R, "2008 CSI Computer Crime and Security Survey" Computer Security Institute 2008

동일학술지(권/호) 다른 논문

지속적 관여도 및 인지된 위험이 소비자의 온라인 상인선택 프로세스에 미치는 영향에 관한 연구: 요구신뢰 수준 개념을 중심으로
- 한국경영정보학회
- 홍일유
- 2012
- KCI등재,SCOPUS
금융회사의 고객정보보호에 대한 내부직원의 태도 연구
- 한국경영정보학회
- 정우진
- 2012
- KCI등재,SCOPUS
Effectiveness of Asynchronous Learning Networks in Teaching as a Supplement to Classroom Teaching : A Study from Perspective of Lecturers in National University of Singapore
- 한국경영정보학회
- Gee-Woo Bock
- 2012
- KCI등재,SCOPUS
An Analysis of Information Security Management Strategies in the Presence of Interdependent Security Risk
- 한국경영정보학회
- Woohyun Shim
- 2012
- KCI등재,SCOPUS

동일학술지 더보기

분석정보

View

상세정보조회

Usage

원문다운로드

대출신청

복사신청

EDDS신청

동일 주제 내 활용도 TOP

주제

연도별 연구동향

연도별 활용동향

연관논문

연구자 네트워크맵

공동연구자 (7)

유사연구자 (20) 활용도상위20명

인용정보 인용지수 설명보기

학술지 이력

학술지 이력
연월일	이력구분	이력상세
2023	평가예정	해외DB학술지평가 신청대상 (해외등재 학술지 평가)
2020-01-01	평가	등재학술지 유지 (해외등재 학술지 평가)
2017-01-01	평가	등재학술지 유지 (계속평가)
2013-01-01	평가	등재 1차 FAIL (등재유지)
2010-01-01	평가	등재학술지 유지 (등재유지)
2009-03-05	학술지명변경	한글명 : 경영정보학 연구 -> Asia Pacific Journal of Information Systems 외국어명 : The Journal of MIS Research -> Asia Pacific Journal of Information Systems
2008-01-01	평가	등재학술지 유지 (등재유지)
2006-01-01	평가	등재학술지 유지 (등재유지)
2004-01-01	평가	등재학술지 유지 (등재유지)
2001-01-01	평가	등재학술지 선정 (등재후보2차)
1998-07-01	평가	등재후보학술지 선정 (신규평가)