Optimal Information Security Architecture for the Enterprise
43 Pages Posted: 23 Jan 2008
Date Written: January 1, 2008
Abstract
Information security is growing to be an IT priority for many firms, but several critical dimensions of enterprise security like type of loss or strategic effects of countermeasures have received little attention in the economics-based literature. We develop a model of a contagious threat that can attack multiple divisions of a firm's enterprise network and cause both availability and confidentiality losses. Firms commonly deploy countermeasures to mitigate the harmful effects of threats. Such deployment is complicated by the CIO's lack of information on the information systems of the divisions and due to the differing goals of division managers. In this setting, we model the business process and interconnectivity requirements of the enterprise and demonstrate how to optimally design the security architecture, which consists of protection, recovery and cryptographic measures. We evaluate commonly suggested mechanisms like subsidies and liability and find that they are inadequate as well as informationally demanding. To remedy these problems which directly impact practitioners, we derive mechanisms that have no ex-post informational requirements and are easily implementable for both availability and confidentiality losses. Some of our results are counterintuitive, notably that countermeasure can be overdeployed by division managers and that having a single platform for all divisions can decrease unexpected confidentiality losses.
Keywords: Information Security, Availability Losses, Confidentiality Losses, Enterprise Security Architecture
Suggested Citation: Suggested Citation