Application of the Gordon Loeb model to security investment metrics: a proposal

Application of the Gordon Loeb model to security investment metrics: a proposal

Cyber risk is a significant concern for all types of businesses. The consequences of a cyber attack can be quite severe. Investing in security to mitigate the impact of such risks is a crucial task, both in terms of the frequency and the severity of cyber incidents. In this paper, we propose a pract...

Full description

Saved in:
Bibliographic Details
Main Authors: Maria Francesca Carfora, Albina Orlando
Format: Article
Language:English
Published: AIMS Press 2024-12-01
Series:Data Science in Finance and Economics
Subjects:
cyber risk
security economics
security investments
risk exposure
gordon-loeb model
Online Access:https://www.aimspress.com/article/doi/10.3934/DSFE.2024025
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Cyber risk is a significant concern for all types of businesses. The consequences of a cyber attack can be quite severe. Investing in security to mitigate the impact of such risks is a crucial task, both in terms of the frequency and the severity of cyber incidents. In this paper, we propose a practical application of the Gordon and Loeb model, thereby suggesting a methodology to estimate risk exposure and reconsidering some investment evaluation metrics. Our findings strongly support the claim that maximizing the expected net benefit of an investment solely at the optimal level is not sufficient for sound decision-making. On the contrary, incorporating metrics that evaluate the benefit in relation to risk and consider worst-case scenarios offers deeper insights.
ISSN:2769-2140

Similar Items