Download this Paper Open PDF in Browser

Information Security Expenditures and Real Options: A Wait-and-See Approach

Computer Security Journal, Vol. XIX, No. 2, Spring, 2003

16 Pages Posted: 31 May 2012  

Lawrence A. Gordon

University of Maryland - Department of Accounting & Information Assurance

Martin P. Loeb

University of Maryland - Robert H. Smith School of Business

William Lucyshyn

University of Maryland - Center for Public Policy and Private Enterprise

Date Written: May 31, 2003

Abstract

This paper examines the deferment option explanation for why information security breaches are so prevalent. Our examination will focus on security breaches within major U.S. corporations and will include some empirical evidence to support our discussion. As will be seen, the evidence presented supports the argument that the ubiquitous nature of security breaches is due, at least in part, to the wait-and-see (i.e., deferment option) approach of many senior managers. This article will also show why such an approach is quite rational from an economics perspective.

Keywords: Information Security, Real Options

Suggested Citation

Gordon, Lawrence A. and Loeb, Martin P. and Lucyshyn, William, Information Security Expenditures and Real Options: A Wait-and-See Approach (May 31, 2003). Computer Security Journal, Vol. XIX, No. 2, Spring, 2003. Available at SSRN: https://ssrn.com/abstract=1375460

Lawrence A. Gordon

University of Maryland - Department of Accounting & Information Assurance ( email )

Robert H. Smith School of Business
College Park, MD 20742-9157
United States

Martin P. Loeb

University of Maryland - Robert H. Smith School of Business ( email )

Robert H. Smith School of Business
College Park, MD 20742-1815
United States
301-405-2209 (Phone)
301-314-9157 (Fax)

William Lucyshyn (Contact Author)

University of Maryland - Center for Public Policy and Private Enterprise ( email )

College Park, MD 20742-1815
United States
301 405-8257 (Phone)

Paper statistics

Downloads
492
Rank
46,852
Abstract Views
1,316