George P. Corser

Learn More
Traditional cost-benefit analysis (CBA) quantifies the value of information security safeguards in terms of their expenses compared to their savings before and after their implementation. This paper considers CBA from the attacker's viewpoint, adding another type of measurement, the willingness to endure consequences. We propose a new set of equations and(More)
  • 1