Abstract

Data is rapidly becoming one of the most important assets in global markets, and criminals are spotting opportunities to exploit new potential income sources. In response to this, organizations are dedicating increasing resources to information security programs. However, faced with unrelenting breach reports and rising costs, decision makers inevitably wonder which type of security investment is economically viable. In this article, the authors present an empirically tested model describing the underlying key constructs for assessing information security value in an organization. Based on identified latent variables previously put forward in the literature, the authors use a partial least squares structural equation modeling approach to verify the model's soundness. They identify five crucial variables for value-focused information security investment. The relationships among these latent variables are then investigated and contributions of the structural model assessed. The key findings are finally presented to highlight opportunities for security practitioners to apply the proposed model.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.