The IT Law Wiki

Economic Analysis of an Inadequate Cyber Security Technical Infrastructure

32,062pages on
this wiki
Add New Page
Add New Page Talk0

Citation Edit

National Institute of Standards and Technology. Economic Analysis of an Inadequate Cyber Security Technical Infrastructure (Planning Report 13-1) (Feb. 2013) (full-text).

Overview Edit

The focus of this study is on one component of cyber security — the cyber security technical infrastructure (CSTI). The CSTI is only one part of cyber security, but an important one that unifies cyber security assets. This report summarizes the most damaging CSTI inadequacies, or gaps, from the perspective of U.S. industry's cyber security directors, and quantifies a first-order approximation of economic benefits of narrowing those gaps.

This study quantifies the economic benefits to firms' cyber security operations of reducing the number of incidents and breaches by 10% as a result of targeted CSTI research and development. In recent years, multiple studies have aimed to offer some sense of the drag of cyber security problems on the U.S. economy but without offering many specifics as to what the issues are and how those estimates relate to real business issues. In contrast, this study focuses the lens on what cyber security directors believe the problems are and what the tangible economic benefit would be to their operations by improving the effectiveness of the CSTI, and therefore their cyber security, by just 10%.

Also on Fandom

Random Wiki