Hemantha S. B. Herath

Learn More
In recent years there has been a growing stream of research focusing on cyber-insurance. Risk transference with insurance has been suggested by both practitioners and academics to absorb losses caused by security breaches as well as to supplement the existing set of security tools to manage IT security residual risk after IT security investments are made.(More)
Hierarchical modeling is often used a tool which, as an interdisciplinary effort, combines the estimation technique and data mining techniques to model reliability systems. The reliability of the model is measured in terms of how much sufficiently accurate model is over the entire input range and the level of confidence in predictions. WinBUGS is Windows(More)
a r t i c l e i n f o Keywords: Information technology management Information technology audit Information systems audit Information security audit Audit decision Agency model Compliance with ever-increasing privacy laws, accounting and banking regulations, and standards is a top priority for most organizations. Information security and systems audits for(More)
Our paper investigates the problem of justifying security investments concerning spam and email virus using real life data from a midsize North American university. We formulate the spam and email virus security problem as a capital budgeting problem using operating characteristic (ROC) curves in a decision theoretic framework. Prior research has(More)
We develop an integrative model grounded in two theoretical perspectives -- the diffusion of innovation theory and the technology-organization-environment framework -- to examine the diffusion of information security solutions (ISS) in organizations. We specify four innovation characteristics that are specific to ISS (compatibility, complexity, costs, and(More)
  • 1