DOI QR코드

DOI QR Code

Research Trends in Information Security Economics : Focused on Information Systems Journals

보안경제성 연구동향 분석 : IS 저널 중심으로

  • Kang, Mi-Hwa (A3 Co., Ltd.) ;
  • Kim, Tae-Sung (Department of Management Information Systems, Graduate Program of Information Security Management, Chungbuk National University)
  • Received : 2016.02.12
  • Accepted : 2016.03.22
  • Published : 2016.03.31

Abstract

As numerous security breaches on a variety of information assets such as personal information, corporate secrets, computer servers, and networks have occurred, information security has emerged as a critical social issue. However, researches on economically rational information security decision-making have been few. Such researches are especially rare in South Korea where information security is considered to be a discipline of engineers. This study aims to identify the preferred themes and methodologies of information security economics research in the field of information systems by reviewing papers published in Management Information Systems Quarterly (MISQ), Information Systems Research (ISR), European Journal of Information Systems (EJIS), Management Science (MS), and Information and Management (I&M). We hope that the results of the study will be helpful in rational managerial or policy decision-making for practitioners and suggest future research topics for researchers.

Keywords

References

  1. Anderson, R., "Why Information Security is Hard-An Economic Perspective", In Computer Security Applications Conference, 2001, ACSAC 2001, Proceedings 17th Annual, IEEE, 2001, pp. 358-365.
  2. Anderson, R. and Moore, T., "The Economics of Information Security", Science, Vol. 314, No. 5799, 2006, pp. 610-613. https://doi.org/10.1126/science.1130992
  3. Anderson, R., Bohme, R., Clayton, R., and Moore, T., "Security Economics and European Policy", Managing Information Risk and the Economics of Security, 2009, pp. 55-80.
  4. Banker, R. D. and Kauffman, R. J., "The Evolution of Research on Information Systems : A Fiftieth-year Survey of the Literature in Management Science", Management Science, Vol. 50, No. 3, 2004, pp. 281-298. https://doi.org/10.1287/mnsc.1040.0206
  5. Belanger, F. and Crossler, R. E., "Privacy in the Digital Age : A Review of Information Privacy Research in Information Systems", MIS Quarterly, Vol. 35, No. 4, 2011, pp. 1017-1042. https://doi.org/10.2307/41409971
  6. Cordoba, J. R., Pilkington, A., and Bernroider, E. W., "Information Systems as a Discipline in the Making : Comparing EJIS and MISQ between 1995 andl 2008", European Journal of Information Systems, Vol. 21, No. 5, 2012, pp. 479-495. https://doi.org/10.1057/ejis.2011.58
  7. Davies, K., "Content Analysis of Research Articles in Information Systems(LIS) Journals", Library and Information Research, Vol. 36, No. 112, 2012, pp. 16-28.
  8. Jun, H.-J., Yoo, H.-W., and Kim, T.-S., "Analysis on Knowledge and Skills for Information Security Professionals", Information Systems Review, Vol. 10, No. 2, 2008, pp. 253-267.
  9. Kang, M.-H. and Kim, T.-S., "Research Trends in Information Security Economics : Focused on the Articles Presented at WEIS", Journal of the Korea Institute of Information Security and Cryptology, Vol. 25, No. 6, Dec. 2015, pp. 1561-1570. https://doi.org/10.13089/JKIISC.2015.25.6.1561
  10. Ministry of Knowledge Economy, "By 2013, Knowledge Information Security Industry 18 trillion won Market Creation", 2008.
  11. Ministry of Science, ICT and Future Planning, "K-ICT Security Development Strategy", 2015.
  12. Moore, T., "The Economics of Cybersecurity : Principles and Policy Options", International Journal of Critical Infrastructure Protection, Vol. 3, No. 3, 2010, pp. 103-117. https://doi.org/10.1016/j.ijcip.2010.10.002
  13. Moore, T. and Anderson, R., "Economics and Internet Security : A Survey of Recent Analytical, Empirical and Behavioral Research", Harvard University Computer Science Group, 2011.
  14. Mustafee, N., "Evolution of IS Research Based on Literature Published in Two Leading IS Journals-EJIS and MISQ", In 19th European Conference on Information Systems, 2011, pp. 2658-2668.
  15. National Disaster Management Institute, "Analysis of Social Disaster and the Damage Costs due to Leakage of Personal Information", Disaster and Safety, Vol. 17, No. 1, 2015, pp. 21-28.
  16. Odlyzko, A., "Economics, Psychology, and Sociology of Security", Financial Cryptography, 2003, pp. 182-189, Springer Berlin Heidelberg.
  17. Palvia, P., Pinjani, P., and Sibley, E. H., "A Profile of Information Systems Research Published in Information and Management", Information and Management, Vol. 44, No. 1, 2007, pp. 1-11. https://doi.org/10.1016/j.im.2006.10.002
  18. Siponen, M. and Willison, R., "A Critical Assessment of IS Security Research between 1990-2004", Copenhagen Business School, 2007.
  19. Smith, H. J., Dinev, T., and Xu, H., "Information Privacy Research : An Interdisciplinary Review", MIS Quarterly, Vol. 35, No. 4, 2011, pp. 989-1015. https://doi.org/10.2307/41409970
  20. Swanson, E. B. and Ramiller, N. C., "Information Systems Research Thematics : Submissions to a New Journal, 1987-1992", Information Systems Research, Vol. 4, No. 4, 1993, pp. 299-330. https://doi.org/10.1287/isre.4.4.299
  21. Standard Korean Dictionary of The National Institute of The Korean Language, http://stdweb2.korean.go.kr/.
  22. EJIS(European Journal of Information Systems), http://www.palgrave-journals.com/ejis/index.html.
  23. ISR(Information Systems Research), http://pubsonline.informs.org/jour1nal/isre.
  24. I&M(Information and Management), http://www.sciencedirect.com/science/journal/03787206.
  25. MISQ(Management Information Systems Quarterly), http://www.misq.org/.
  26. MS(Management Science), http://pubsonline.informs.org/journal/mnsc.
  27. WEIS(Workshop on the Economics of Information Security) 2011, http://weis2011.econinfosec.org/.
  28. WEIS(Workshop on the Economics of Information Security) 2012, http://weis2012.econinfosec.org/.
  29. WEIS(Workshop on the Economics of Information Security) 2013, http://weis2013.econinfosec.org/.
  30. WEIS(Workshop on the Economics of Information Security) 2014, http://weis2014.econinfosec.org/.