Optimal Information Security Architecture for the Enterprise
Harvard Business School
Carnegie Mellon University - H. John Heinz III School of Public Policy and Management
Carnegie Mellon University - David A. Tepper School of Business
January 1, 2008
Information security is growing to be an IT priority for many firms, but several critical dimensions of enterprise security like type of loss or strategic effects of countermeasures have received little attention in the economics-based literature. We develop a model of a contagious threat that can attack multiple divisions of a firm's enterprise network and cause both availability and confidentiality losses. Firms commonly deploy countermeasures to mitigate the harmful effects of threats. Such deployment is complicated by the CIO's lack of information on the information systems of the divisions and due to the differing goals of division managers. In this setting, we model the business process and interconnectivity requirements of the enterprise and demonstrate how to optimally design the security architecture, which consists of protection, recovery and cryptographic measures. We evaluate commonly suggested mechanisms like subsidies and liability and find that they are inadequate as well as informationally demanding. To remedy these problems which directly impact practitioners, we derive mechanisms that have no ex-post informational requirements and are easily implementable for both availability and confidentiality losses. Some of our results are counterintuitive, notably that countermeasure can be overdeployed by division managers and that having a single platform for all divisions can decrease unexpected confidentiality losses.
Number of Pages in PDF File: 43
Keywords: Information Security, Availability Losses, Confidentiality Losses, Enterprise Security Architectureworking papers series
Date posted: January 23, 2008
© 2013 Social Science Electronic Publishing, Inc. All Rights Reserved.
This page was processed by apollo8 in 1.032 seconds