TITLE:
Investing in Cybersecurity: Insights from the Gordon-Loeb Model
AUTHORS:
Lawrence A. Gordon, Martin P. Loeb, Lei Zhou
KEYWORDS:
Economics of Information Security, Cybersecurity Investment
JOURNAL NAME:
Journal of Information Security,
Vol.7 No.2,
March
23,
2016
ABSTRACT: Given the importance of cybersecurity to the survival of an organization,
a fundamental economics-based question that must be addressed by all
organizations is: How much should be invested in cybersecurity related
activities? Gordon and Loeb [1] presented a model to address this question, and
that model has received a significant amount of attention in the academic and
practitioner literature. The primary objective of this paper is to discuss the
Gordon-Loeb Model with a focus on gaining insights for the model’s use in a
practical setting.