Network Security Investment

Analysing potential risk and the allocation of resources for computer network security and business continuity require strategic, long-term planning. Most companies tend to be reactive and respond with quick infrastructure solutions. The purpose of risk analysis should be to assist managers in making informed decisions about investment and developing risk management policies. High countermeasures expenditure on every aspect of an information system is out of question in a commercial organisation. Therefore, this expenditure must be directed to reduce corporate exposure to information system risks in the context of overall business risks. The aim of this paper is to report the on going research to justify funding for network security expenditure through risk assessment practice

Information and network management security Investment

In today’s business environment it is difficult to obtain senior management approval for the expenditure of valuable resources to “guarantee “that a potentially disastrous event will not occur that could affect the organisation performance. Analysing potential risk and the allocation of resources for computer network security and business continuity require strategic, long-term planning. Most companies tend to be reactive and respond with quick infrastructure solutions. A strategic approach to computer network security leads to a more efficient plan and a less expensive risk-management strategy. Financial modelling is a fundamental component of all business investment cases. IT security investment proposals have unique qualities that can pose expenditure justification challenges. This paper aims to explore various financial models and to develop one that IT managers can effectively use to support their business cases