Is there a cost to privacy breaches? An event study, Fifth Workshop on the Economics of Information Security, 2006. ,
An ounce of prevention vs. a pound of cure: How can we measure the value of IT security solutions?, 2004. ,
Finally, a real return on security spending, CIO Magazine, Februari 15, pp.43-52, 2002. ,
A comparative framework for evaluating information security risk management methods, Proceedings of the Information Security South Africa Conference, 2004. ,
Quantifying the financial impact of IT security breaches, Information Management & Computer Security, vol.11, issue.2, pp.74-83, 2003. ,
DOI : 10.1108/09685220310468646
The economics of information security investment, ACM Transactions on Information and System Security, vol.5, issue.4, pp.438-457, 2002. ,
DOI : 10.1145/581271.581274
How much is enough? A risk management approach to computer security, NIST Special, vol.8, 2000. ,
Are we forgetting the risks of information technology?, Computer, vol.33, issue.12, pp.43-51, 2000. ,
DOI : 10.1109/2.889092
Managing vulnerabilities in networked systems, Computer, vol.34, issue.11, pp.32-38, 2001. ,
DOI : 10.1109/2.963441
Business process-based valuation of IT-security Proceedings of the 7th international workshop on Economics-driven software engineering research, ICSE Risk Reduction Overview example, vol.14, pp.1-5, 2005. ,
Attack countermeasure trees (ACT): towards unifying the constructs of attack and defense trees, Security and Communication Networks, vol.1, issue.1, pp.929-943, 2012. ,
DOI : 10.1002/sec.299
Attack Trees. Dr. Dobb's, Journal of Software Tools, vol.24, issue.12, pp.21-29, 1999. ,