Asee peer logo

Are We Prepared: Issues Relating to Cybersecurity Economics

Download Paper |


2014 ASEE Annual Conference & Exposition


Indianapolis, Indiana

Publication Date

June 15, 2014

Start Date

June 15, 2014

End Date

June 18, 2014



Conference Session

Information and Network Security

Tagged Division

Computing & Information Technology

Page Count


Page Numbers

24.196.1 - 24.196.12

Permanent URL

Download Count


Request a correction

Paper Authors


Jane LeClair National Cybersecurity Institute at Excelsior College

visit author page

Dr. Jane LeClair serves as the Chief Operating Officer of the National Cyber-security Institute (NCI) at Excelsior College in Washington, D.C., whose mission is to serve as an academic and research center dedicated to increasing the knowledge of the cyber security discipline.

Prior to this position, Dr. LeClair served as Dean of the School of Business and Technology at Excelsior College where she led faculty and staff in carrying out the mission and goals of the college and school. During her tenure as dean she oversaw the develop of numerous new programs including six in cyber security, with the establishment of the BS in Cyber Operations and MS in Cybersecurity. Her recent book "Protecting Our Future: Educating a Cybersecurity Workforce" was published in December 2013 by Hudson Whitman Press.

visit author page


Denise Pheils National Cybersecurity Institute

visit author page

Dr. Pheils has taught networking and cybersecurity topics for associate through doctoral learners on-ground and online. She worked on the faculty panel to help determine the initial NSA Center of Academic Excellence standards for 2 year schools and earned that designation for Owens Community College as one of the first 13 in the nation. Dr. Pheils holds 21 certifications including the CISSP and PMP, and bringing many years of relevant and current work and research into cybersecurity topics. To provide hands-on experience to cybersecurity learners she piloted the Community Project Approach to Teaching Networking and Cybersecurity Topics that partners classes with not-for-profits in the community to accomplish tasks and secure that organization. She is a Fellow with the National Cybersecurity Institute at Excelsior College.

visit author page

Download Paper |


Are We Prepared: Issues Relating to Cyber Security EconomicsToday, more than ever, we know that the world of cyber security is a key global issue. Yet, thefinancial costs related to cyber security investment decisions that benefit organizations,government and the community must be balanced between the risks an organization may takewith its data, both that which it generates and that which it is entrusted with, and the cost ofprotecting that data. Data must be accessible to those people who have a need for it, and yet, bythis very accessibility to members of the organization it becomes vulnerable. Unfortunately,today insider threats are one of the main concerns of all organizations, both public and private.Add to that the often nonsystematic approach to protection that of that data, and significantproblems arise. The three main reasons to focus on the cyber security economics relate squarelyto the bottom line. If adequate protection measures are not taken, the data may be lost to outsidehackers or to employee threats. This in turn affects the bottom line when the organizations nameis tarnished. If sensitive data is lost or exposed to the public as we have seen in the recent past,lawsuits and legal fees become a bottom line expense. Finally, if organizations are not followingthe numerous regulations in place to protect sensitive data, both fines and criminal penalties maybe lodged against them. Once again, cyber security economics affect the bottom line. Bydeveloping an awareness and training program and an effective cyber security program,organizations will meet their data protection needs and save themselves from the plethora ofissues that can results in economic loss. In order to do this, top management withinorganizations must recognize and understand the need for the critical support, both in physicaland human resources that they hold the key to in order to make the change possible.This paper will discuss in detail the cyber security challenges facing today’s public and privateorganizations, including regulations, inadequate cyber security programs, policies, mandatorydisclosure of security incidents and intrusions, raising management’s focus on cyber securityneeds and will provide recommendations to improve an organization’s cyber security footprint.

ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2014 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015