{"id":"https://openalex.org/W2052176782","doi":"https://doi.org/10.2753/mis0742-1222250210","title":"Understanding the Value of Countermeasure Portfolios in Information Systems Security","display_name":"Understanding the Value of Countermeasure Portfolios in Information Systems Security","publication_year":2008,"publication_date":"2008-09-01","ids":{"openalex":"https://openalex.org/W2052176782","doi":"https://doi.org/10.2753/mis0742-1222250210","mag":"2052176782"},"language":"en","primary_location":{"id":"doi:10.2753/mis0742-1222250210","is_oa":false,"landing_page_url":"https://doi.org/10.2753/mis0742-1222250210","pdf_url":null,"source":{"id":"https://openalex.org/S9954729","display_name":"Journal of Management Information Systems","issn_l":"0742-1222","issn":["0742-1222","1557-928X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320547","host_organization_name":"Taylor & Francis","host_organization_lineage":["https://openalex.org/P4310320547"],"host_organization_lineage_names":["Taylor & Francis"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Management Information Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5062588428","display_name":"Ram L. Kumar","orcid":"https://orcid.org/0000-0002-6139-3288"},"institutions":[{"id":"https://openalex.org/I102149020","display_name":"University of North Carolina at Charlotte","ror":"https://ror.org/04dawnj30","country_code":"US","type":"education","lineage":["https://openalex.org/I102149020"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Ram L. Kumar","raw_affiliation_strings":["a  Belk College of Business Administration, University of North Carolina, Charlotte","Belk College of Business Administration, University of North Carolina, Charlotte"],"affiliations":[{"raw_affiliation_string":"a  Belk College of Business Administration, University of North Carolina, Charlotte","institution_ids":["https://openalex.org/I102149020"]},{"raw_affiliation_string":"Belk College of Business Administration, University of North Carolina, Charlotte","institution_ids":["https://openalex.org/I102149020"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103104504","display_name":"Sungjune Park","orcid":"https://orcid.org/0000-0001-7482-4553"},"institutions":[{"id":"https://openalex.org/I102149020","display_name":"University of North Carolina at Charlotte","ror":"https://ror.org/04dawnj30","country_code":"US","type":"education","lineage":["https://openalex.org/I102149020"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sungjune Park","raw_affiliation_strings":["b  Department of Business Information Systems and Operations Management, University of North Carolina, Charlotte","Department of Business Information Systems and Operations Management, University of North Carolina, Charlotte"],"affiliations":[{"raw_affiliation_string":"b  Department of Business Information Systems and Operations Management, University of North Carolina, Charlotte","institution_ids":["https://openalex.org/I102149020"]},{"raw_affiliation_string":"Department of Business Information Systems and Operations Management, University of North Carolina, Charlotte","institution_ids":["https://openalex.org/I102149020"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5050829570","display_name":"Chandrasekar Subramaniam","orcid":"https://orcid.org/0000-0003-4832-2503"},"institutions":[{"id":"https://openalex.org/I102149020","display_name":"University of North Carolina at Charlotte","ror":"https://ror.org/04dawnj30","country_code":"US","type":"education","lineage":["https://openalex.org/I102149020"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Chandrasekar Subramaniam","raw_affiliation_strings":["c  Information Systems, University of North Carolina, Charlotte","Information Systems, University of North Carolina, Charlotte#TAB#"],"affiliations":[{"raw_affiliation_string":"c  Information Systems, University of North Carolina, Charlotte","institution_ids":["https://openalex.org/I102149020"]},{"raw_affiliation_string":"Information Systems, University of North Carolina, Charlotte#TAB#","institution_ids":["https://openalex.org/I102149020"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5062588428"],"corresponding_institution_ids":["https://openalex.org/I102149020"],"apc_list":null,"apc_paid":null,"fwci":14.3817,"has_fulltext":false,"cited_by_count":98,"citation_normalized_percentile":{"value":0.98582523,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":100},"biblio":{"volume":"25","issue":"2","first_page":"241","last_page":"280"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9916999936103821,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9850000143051147,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/portfolio","display_name":"Portfolio","score":0.782932460308075},{"id":"https://openalex.org/keywords/countermeasure","display_name":"Countermeasure","score":0.6764479279518127},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.661445677280426},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6064945459365845},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.5822625756263733},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.5485615730285645},{"id":"https://openalex.org/keywords/information-security-management","display_name":"Information security management","score":0.4960256516933441},{"id":"https://openalex.org/keywords/threat","display_name":"Threat","score":0.4107128977775574},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.40570002794265747},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.31220945715904236},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.2712467908859253},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.21182939410209656},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.09669765830039978},{"id":"https://openalex.org/keywords/finance","display_name":"Finance","score":0.08213987946510315},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.0681333839893341}],"concepts":[{"id":"https://openalex.org/C2780821815","wikidata":"https://www.wikidata.org/wiki/Q5340806","display_name":"Portfolio","level":2,"score":0.782932460308075},{"id":"https://openalex.org/C21593369","wikidata":"https://www.wikidata.org/wiki/Q1032176","display_name":"Countermeasure","level":2,"score":0.6764479279518127},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.661445677280426},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6064945459365845},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.5822625756263733},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.5485615730285645},{"id":"https://openalex.org/C148976360","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management","level":5,"score":0.4960256516933441},{"id":"https://openalex.org/C17520342","wikidata":"https://www.wikidata.org/wiki/Q7797190","display_name":"Threat","level":5,"score":0.4107128977775574},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.40570002794265747},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.31220945715904236},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.2712467908859253},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.21182939410209656},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.09669765830039978},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.08213987946510315},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.0681333839893341},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C146978453","wikidata":"https://www.wikidata.org/wiki/Q3798668","display_name":"Aerospace engineering","level":1,"score":0.0},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.2753/mis0742-1222250210","is_oa":false,"landing_page_url":"https://doi.org/10.2753/mis0742-1222250210","pdf_url":null,"source":{"id":"https://openalex.org/S9954729","display_name":"Journal of Management Information Systems","issn_l":"0742-1222","issn":["0742-1222","1557-928X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320547","host_organization_name":"Taylor & Francis","host_organization_lineage":["https://openalex.org/P4310320547"],"host_organization_lineage_names":["Taylor & Francis"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Management Information Systems","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7599999904632568,"id":"https://metadata.un.org/sdg/13","display_name":"Climate action"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":36,"referenced_works":["https://openalex.org/W110993677","https://openalex.org/W758034074","https://openalex.org/W1487665605","https://openalex.org/W1548953477","https://openalex.org/W1606488878","https://openalex.org/W1965895325","https://openalex.org/W1980316752","https://openalex.org/W1992580876","https://openalex.org/W2014516425","https://openalex.org/W2025405461","https://openalex.org/W2037870787","https://openalex.org/W2045814518","https://openalex.org/W2054901972","https://openalex.org/W2056075452","https://openalex.org/W2056902061","https://openalex.org/W2063179668","https://openalex.org/W2063863347","https://openalex.org/W2076734759","https://openalex.org/W2087193044","https://openalex.org/W2087425938","https://openalex.org/W2096830520","https://openalex.org/W2098721272","https://openalex.org/W2117203175","https://openalex.org/W2123601949","https://openalex.org/W2125569171","https://openalex.org/W2132144864","https://openalex.org/W2132581322","https://openalex.org/W2137567166","https://openalex.org/W2144958981","https://openalex.org/W2153721809","https://openalex.org/W2155055334","https://openalex.org/W2158310699","https://openalex.org/W2168538307","https://openalex.org/W2248433928","https://openalex.org/W2407010262","https://openalex.org/W4240007070"],"related_works":["https://openalex.org/W2062830664","https://openalex.org/W4247822198","https://openalex.org/W4232424383","https://openalex.org/W3199571163","https://openalex.org/W2793054839","https://openalex.org/W2095706021","https://openalex.org/W2383570347","https://openalex.org/W64368977","https://openalex.org/W2371791692","https://openalex.org/W2182243004"],"abstract_inverted_index":{"Organizations":[0],"are":[1,43],"faced":[2],"with":[3,35],"a":[4,46],"variety":[5],"of":[6,38,48,61,86,95,110,113,122,141],"information":[7,13],"security":[8,15,24,27,39,62],"threats":[9],"and":[10,76,103,106,117,120,139,143],"implement":[11],"several":[12],"system":[14],"countermeasures":[16,28],"(ISSCs)":[17],"to":[18,23,33,56,65,80,100],"mitigate":[19],"possible":[20,115],"damage":[21],"due":[22],"attacks.":[25],"These":[26],"vary":[29],"in":[30,146],"their":[31],"ability":[32],"deal":[34],"different":[36],"types":[37],"attacks":[40,63],"and,":[41],"hence,":[42],"implemented":[44],"as":[45],"portfolio":[47,68,88,98,137,148],"ISSCs.":[49],"A":[50],"key":[51],"challenge":[52],"for":[53],"organizations":[54],"is":[55],"understand":[57],"the":[58,66,73,93,101,108,118,133],"economic":[59],"consequences":[60],"relative":[64,99],"ISSC":[67,87,97,136],"implemented.":[69],"This":[70],"paper":[71],"combines":[72],"risk":[74],"analysis":[75],"disaster":[77],"recovery":[78,123],"perspectives":[79],"build":[81],"an":[82,96],"integrated":[83],"simulation":[84,127],"model":[85,91],"value.":[89,149],"The":[90,126],"incorporates":[92],"characteristics":[94,140],"threat":[102,144],"business":[104,142],"environments":[105,145],"includes":[107],"type":[109],"attack,":[111],"frequency":[112],"attacks,":[114],"damage,":[116],"extent":[119],"time":[121],"from":[124],"damage.":[125],"experiments":[128],"provide":[129],"interesting":[130],"insights":[131],"into":[132],"interactions":[134],"between":[135],"components":[138],"determining":[147]},"counts_by_year":[{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":6},{"year":2019,"cited_by_count":5},{"year":2018,"cited_by_count":10},{"year":2017,"cited_by_count":4},{"year":2016,"cited_by_count":4},{"year":2015,"cited_by_count":4},{"year":2014,"cited_by_count":8},{"year":2013,"cited_by_count":8},{"year":2012,"cited_by_count":14}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}