Abercrombie, Robert K; Ferragut, Erik M; Sheldon, … - 2011
Abstract Information system security risk, defined as the product of the monetary losses associated with security incidents and the probability that they occur, is a suitable decision criterion when considering different information system architectures. Risk assessment is the widely accepted...