Cybersecurity is a national priority in this big data era. Because of negative externalities and the resulting lack of economic incentives, companies often underinvest in security controls, despite government and
industry recommendations. Although many existing studies on security have explored technical solutions, only a few have looked at the economic motivations. To fill the gap, we propose an approach to increase
the incentives of organizations to address security problems.
“Employees who don’t accept the time security takes are not aware enough”: The CISO view of human-centred security
In larger organisations, the security controls and policies that protect employees are typically managed by a Chief...