摘要:Given the importance of cybersecurity to the survival of an organization, a fundamental economics-based question that must be addressed by all organizations is: How much should be invested in cybersecurity related activities? Gordon and Loeb [1] presented a model to address this question, and that model has received a significant amount of attention in the academic and practitioner literature. The primary objective of this paper is to discuss the Gordon-Loeb Model with a focus on gaining insights for the model’s use in a practical setting.
关键词:Economics of Information Security;Cybersecurity Investment