TITLE:
Information Segmentation and Investing in Cybersecurity
AUTHORS:
Lawrence A. Gordon, Martin P. Loeb, Lei Zhou
KEYWORDS:
Cybersecurity Investments, Information Segmentation, Economics of Information Security
JOURNAL NAME:
Journal of Information Security,
Vol.12 No.1,
January
19,
2021
ABSTRACT: This
paper provides an analysis of how the benefits of information segmentation can assist
an organization to derive the appropriate amount to invest in cybersecurity
from a cost-benefit perspective. An analytical model based on the framework of
the Gordon-Loeb Model ([1]) is presented that provides a set of sufficient conditions for
information segmentation to lower the total investments in cybersecurity and
the expected loss from cybersecurity breaches. A numerical example illustrating
the insights gained from the model is also presented.