Lecture4.2

Lecture4.2 - TEL2813/IS2820 Security Management...

Info iconThis preview shows pages 1–7. Sign up to view the full content.

View Full Document Right Arrow Icon
TEL2813/IS2820 Security Management Cost-Benefit Analysis Net Present Value Model, Internal Rate of Return Model Return on Investment (Based on Book by Gordon and Loeb) Feb 14, 2006
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Cost-benefit framework CBA widely accepted economic principle for managing organizational resources Requires cost of activity compared with the benefit Cost > Benefit ? Cost < Benefit ? Cost = Benefit ?
Background image of page 2
Cyber security Cost Operating Cost Expenditure that will benefit a single period’s operations (one fiscal year) E.g., cost of patching software to correct breaches in the fiscal year Capital Investment Expenditure that will benefit for several periods (Appears in balance sheet) E.g., purchase of an IDS system (+ personnel cost) Expect to work at least next few years
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Cyber security Cost Capital investments lose their economic values Portion of the investment that has been lost during a particular period is charged to that period In practice, the distinction is not straightforward Some argue Most Cyber security expenditure are operating costs However, they have spill over effect – hence could be treated as capital investment Middle ground !!
Background image of page 4
Cyber security Cost : In practice Most org. treat cyber security expenditure as Operating costs Accounting and tax rules allow/motivate By expensing these costs in the year of expenditure, tax savings are realized immediately Distinction is good (recommended) From planning perspective A good approach View all as capital investments with varying time horizons OC becomes a special case of CI
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Cost (C) vs. Benefit (B) Assume B and C can be assessed for different level of
Background image of page 6
Image of page 7
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

Page1 / 25

Lecture4.2 - TEL2813/IS2820 Security Management...

This preview shows document pages 1 - 7. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online