1 |
Varian, H., "Managing Online Security Risks," in The New York Times, ed, 2000.
|
2 |
Wooldridge, J., Introductory econometrics : A modern approach, 2nd ed. Mason, OH : Thomson South-Western, 2003.
|
3 |
Zhao, X., "Economic analysis on information security and risk management," Ph. D. Dissertation, The University of Texas at Austin, Texas, 2007.
|
4 |
Johnson, V. R., "Cybersecurity, Identity Theft, and the Limits of Tort Liability," South Carolina Law Review, Vol. 53, pp. 255-311, 2005.
|
5 |
Korean Internet and Security Agency, "Korean Information Security Survey," Korean Internet and Security Agency, Seoul, Korea, 2007.
|
6 |
Korean Internet and Security Agency, "2008 Korean Information Security Survey," Korean Internet and Security Agency, Seoul, Korea, 2008.
|
7 |
Kunreuther, H. and Heal, G., "Interdependent security," Journal of Risk and Uncertainty, Vol. 26, pp. 231-249, 2003.
DOI
ScienceOn
|
8 |
Liu, W., Tanaka, H., and Matsuura, K., "Empirical-analysis methodology for information-security investment and its application to reliable survey of Japanese firms," Information and Media Technologies, Vol. 3, pp. 464-478, 2008.
|
9 |
Majuca, R. P., "Three essays on the law and economics of information technology security," University of Illinois at Urbana-Champaign, 2006.
|
10 |
National Information Society Agency, "Information Society Statistics," National Information Society Agency, Seoul, Korea, 2006.
|
11 |
Ogut, H., Menon, N., and Raghunathan, S., "Cyber insurance and IT security investment : Impact of interdependent risk," University of Texas at Dallas, 2005.
|
12 |
Reich, P. C., "Cybercrime, Cybersecurity, and Financial Institutions Worldwide," in Cyberlaw for Global E-business : Finance, Payments and Dispute Resolution, Kubota, T., Ed., ed Hershey, PA : IGI Global, 2008.
|
13 |
Richardson, R., "CSI computer crime and security survey," Computer Security Institute, 2007.
|
14 |
Richardson, R., "CSI Computer Crime and Security Survey," Computer Security Institute, 2008.
|
15 |
Schneier, B., "Computer security : Itʼs the economics, stupid," in 1st Annual Workshop on Economics of Information Security, Barkeley, CA, 2002.
|
16 |
Statistics Korea, "Korean Census on Basic Characteristics of Establishments," Statistics Korea, Daejon, Korea, 2006.
|
17 |
Tanaka, H., Matsuura, K., and Sudoh, O., "Vulnerability and information security investment : An empirical analysis of elocal government in Japan," Journal of Accounting and Public Policy, Vol. 24, pp. 37-59, 2005.
DOI
ScienceOn
|
18 |
Acquisti, A., Friedman, A., and Telang, R., "Is there a cost to privacy breaches? An event study," in 5th Workshop on the Economics of Information Security, Cambridge, England, 2006.
|
19 |
Anderson, J., "Why We Need a New Definition of Information Security," Computers and Security, Vol. 22, pp. 308-313, 2003.
DOI
ScienceOn
|
20 |
Baker, W. H. and Wallace, L., "Is information security under control? : Investigating quality in information security management," Security and Privacy, IEEE, Vol. 5, pp. 36-44, 2007.
DOI
|
21 |
Campbell, K., Gordon, L., Loeb, M., and Zhou, L., "The economic cost of publicly announced information security breaches : empirical evidence from the stock market," Journal of Computer Security, Vol. 11, pp. 431-448, 2003.
DOI
|
22 |
Christie, A. A., "Aggregation of test statistics : An evaluation of the evidence on contracting and size hypotheses," Journal of Accounting and Economics, Vol. 12, pp. 15-36, 1990.
DOI
ScienceOn
|
23 |
Gordon, L. and Loeb, M., "The economic of information security investment," in Economics of Information Security, Camp, L. and Lewis, S., Eds., pp. 105-127, Boston : Kluwer Academic Publishers, 2004.
|
24 |
Gordon, L., Loeb, M., Lucyshyn, W., and Richardson, R., "CSI/FBI computer crime and security survey," COMPUTER SECURITY JOURNAL, Vol. 20, pp. 33-51, 2004.
|
25 |
Gordon, L., Loeb, M., Lucyshyn, W., and Richardson, R., "CSI/FBI computer crime and security survey," Computer Security Institute, 2005.
|
26 |
Gordon, L., Loeb, M., Lucyshyn, W., and Richardson, R., "CSI/FBI Computer crime and security survey," Computer Security Institute, 2006.
|
27 |
Gordon, L. A., Loeb, M. P., Lucyshyn, W., and Sohail, T., "The impact of the Sarbanes-Oxley Act on the corporate disclosures of information security activities," Journal of Accounting and Public Policy, Vol. 25, pp. 503-530, 2006.
DOI
ScienceOn
|
28 |
Hoo, K. J. S., "How Much Security is Enough : A Risk Management Approach to Computer Security," Ph. D. Dissertation, Stanford University, Stanford, California, 2000.
|