CORRELATED FAILURES, DIVERSIFICATION, AND INFORMATION SECURITY RISK MANAGEMENT.

Author List: Chen, Pei-yu; Kataria, Gaurav; Krishnan, Ramayya;

MIS Quarterly, 2011, Volume 35, Issue 2, Page 397-A3.

The article presents research on risk management related to computer network security in management information systems. A queuing model is presented to quantify the downtown loss faced by a network in a security attack and compare it to the costs of investment in computer security technologies, diversification of computer software to limit the risk of coordinated failure and investment in information technology to repair failures. Situations under which the strategy of diversification of computer software are financially advantageous are discussed.

Keywords: Security; diversification; downtime loss; software allocation; network effects; risk management; correlated failures

Algorithm:

List of Topics

#73	0.252	security threat information users detection coping configuration avoidance response firm malicious attack intrusion appraisal countermeasures benefit costs threats ability rate
#264	0.205	risk risks management associated managing financial appropriate losses expected future literature reduce loss approach alternative mitigate failures failure cause mitigation
#240	0.175	systems information management development presented function article discussed model personnel general organization described presents finally computer-based role examined functional components
#271	0.165	technology investments investment information firm firms profitability value performance impact data higher evidence diversification industry payoff return findings decisions greater
#249	0.054	network networks social analysis ties structure p2p exchange externalities individual impact peer-to-peer structural growth centrality participants sharing economic ownership embeddedness