Hemantha S. B. Herath

Learn More
Balanced Scorecard Implementation of Security Strategies: A Framework for IT Security Performance Management Tejaswini Herath a , Hemantha Herath b & Wayne G. Bremser c a Department of Finance, Operations and Information Systems, Faculty of Business , Brock University , St. Catharines, ON, Canada b Department of Accounting, Faculty of Business , Brock(More)
In recent years there has been a growing stream of research focusing on cyber-insurance. Risk transference with insurance has been suggested by both practitioners and academics to absorb losses caused by security breaches as well as to supplement the existing set of security tools to manage IT security residual risk after IT security investments are made.(More)
a r t i c l e i n f o Keywords: Information technology management Information technology audit Information systems audit Information security audit Audit decision Agency model Compliance with ever-increasing privacy laws, accounting and banking regulations, and standards is a top priority for most organizations. Information security and systems audits for(More)
Hierarchical modeling is often used a tool which, as an interdisciplinary effort, combines the estimation technique and data mining techniques to model reliability systems. The reliability of the model is measured in terms of how much sufficiently accurate model is over the entire input range and the level of confidence in predictions. WinBUGS is Windows(More)
We develop an integrative model grounded in two theoretical perspectives -- the diffusion of innovation theory and the technology-organization-environment framework -- to examine the diffusion of information security solutions (ISS) in organizations. We specify four innovation characteristics that are specific to ISS (compatibility, complexity, costs, and(More)
Justifying Spam and E-mail Virus Security Investments: A Case Study Hemantha Herath and Tejaswini Herath Abstract: Our paper investigates the problem of justifying security investments concerning spam and email virus using real life data from a midsize North American university. We formulate the spam and email virus security problem as a capital budgeting(More)
  • 1