Please use this identifier to cite or link to this item: https://doi.org/10.2753/MIS0742-1222260205
Title: Information security: Facilitating user precautions vis-à-vis enforcement against attackers
Authors: Png, I. 
Wang, Q.-H.
Keywords: Enforcement
Facilitation
Information security
Mass attacks
Targeted attacks
Issue Date: 2009
Citation: Png, I., Wang, Q.-H. (2009). Information security: Facilitating user precautions vis-à-vis enforcement against attackers. Journal of Management Information Systems 26 (2) : 97-121. ScholarBank@NUS Repository. https://doi.org/10.2753/MIS0742-1222260205
Abstract: We compare alternative information security policies-facilitating enduser precautions and enforcement against attackers. The context is mass and targeted attacks, taking account of strategic interactions between end users and attackers. For both mass and targeted attacks, facilitating end-user precautions reduces the expected loss of end users. However, the impact of enforcement on expected loss depends on the balance between deterrence and slackening of end-user precautions. Facilitating end-user precautions is more effective than enforcement against attackers when the cost of precautions and the cost of attacks are lower. With targeted attacks, facilitating end-user precautions is more effective for users with relatively high valuation of information security, while enforcement against attackers is more effective for users with relatively low valuation of security. © 2009 M.E. Sharpe, Inc.
Source Title: Journal of Management Information Systems
URI: http://scholarbank.nus.edu.sg/handle/10635/44326
ISSN: 07421222
DOI: 10.2753/MIS0742-1222260205
Appears in Collections:Staff Publications

Show full item record
Files in This Item:
There are no files associated with this item.

Google ScholarTM

Check

Altmetric


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.