{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,29]],"date-time":"2025-09-29T08:25:39Z","timestamp":1759134339832},"publisher-location":"Boston, MA","reference-count":18,"publisher":"Springer US","isbn-type":[{"type":"print","value":"9780387723662"},{"type":"electronic","value":"9780387723679"}],"license":[{"start":{"date-parts":[[2007,1,1]],"date-time":"2007-01-01T00:00:00Z","timestamp":1167609600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2007]]},"DOI":"10.1007\/978-0-387-72367-9_3","type":"book-chapter","created":{"date-parts":[[2007,11,9]],"date-time":"2007-11-09T23:12:08Z","timestamp":1194649928000},"page":"25-35","source":"Crossref","is-referenced-by-count":17,"title":["Value creation and Return On Security Investments (ROSI)"],"prefix":"10.1007","author":[{"given":"Christer","family":"Magnusson","sequence":"first","affiliation":[]},{"given":"Josef","family":"Molvidsson","sequence":"additional","affiliation":[]},{"given":"Sven","family":"Zetterqvist","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"3_CR1","unstructured":"T. Copeland, T. Koller, and J. Murrin, Valuation, Measuring and Managing the value of companies, second edition, McKinsey & Company, Inc. (John Wiley & Sons, Inc, 1995)."},{"key":"3_CR2","first-page":"223","volume-title":"Shareholder Value, I. Cornelius and M. Davies","author":"J. McTaggart","year":"1997","unstructured":"J. McTaggart, P. Kontes, M. Mankins, in: Shareholder Value, I. Cornelius and M. Davies (FT Financial Publishing, Pearson Professional Limited, London, 1997), p. 223."},{"key":"3_CR3","volume-title":"Managing Information Security Risks, The OCTAVE Approach","author":"C. Alberts","year":"2003","unstructured":"C. Alberts and A. Dorofee, Managing Information Security Risks, The OCTAVE Approach, Carnegie Mellon Software Engineering Institute, USA (Addison Wesley, 2003)."},{"key":"3_CR4","unstructured":"A. Granova and J.H.P. Eloff, Who Carries The Risk? Proceedings of the 4TH Annual International Information Security South Africa conference, July 2004, (ISBN 1-86854-522-9)."},{"issue":"5","key":"3_CR5","doi-asserted-by":"publisher","first-page":"371","DOI":"10.1016\/j.cose.2004.05.002","volume":"23","author":"B. V. Solms","year":"2004","unstructured":"B. V. Solms and R. V. Solms, The 10 deadly sins of information security management, in: Computers & Security, Vol. 23 No 5 (ISSN 0167-4048, 2004), pp. 371\u2013376.","journal-title":"Computers & Security"},{"key":"3_CR6","unstructured":"J.H.P. Eloff, Tactical level \u2014 an overview of the latest trends in risk analysis, certification, best practices and international standards, Information Security Architectures Workshop, Fribourg, Switzerland, February 2002."},{"key":"3_CR7","unstructured":"P.A. David, The Dynamo and the Computer: An Historical Perspective on the Modern Productivity Paradox, (American Economic Review, 1990)."},{"key":"3_CR8","unstructured":"T. Falk and N-G. Olve, IT som strategisk resurs (Liber-Hermods, 1996)."},{"key":"3_CR9","unstructured":"K.J. Soo Hoo, How Much Is Enough? A Risk Management Approach to Computer Security, Ph.D. Thesis, University of Stanford, 2000."},{"key":"3_CR10","unstructured":"H. Wei, D. Frinke, O. Carter, and C. Ritter Wei, Cost-Benefit Analysis for Network Intrusion Detection, Centre for Secure and Dependable Software, University of Idaho, Proceedings of the 28th Annual Computer Security Conference October, 2001."},{"key":"3_CR11","unstructured":"K.J. Soo Hoo, A.W. Sudbury, A.R. Jaquith, Tangible ROI through Secure Software Engineering (Secure Business Quarterly, 4th Quarter 2001)."},{"key":"3_CR12","unstructured":"The CERTR Coordination Center (April 30, 2003); \n                    http:\/\/www.cert.org\n                    \n                  ."},{"key":"3_CR13","doi-asserted-by":"crossref","unstructured":"S.D. Moitra and S.L. Konda, A Simulation Model for Managing Survivability of Networked Information Systems, Technical Report CMU\/SEI-2000-TR-020, Carnegie Mellon Software Engineering Institute, 2000.","DOI":"10.21236\/ADA387453"},{"key":"3_CR14","doi-asserted-by":"crossref","unstructured":"D.W. Straub and R.J. Welke, Coping With Systems Risk: Security Planning Models for Management Decision Making (MIS Quarterly, December 1998).","DOI":"10.2307\/249551"},{"key":"3_CR15","doi-asserted-by":"crossref","DOI":"10.1201\/b17776","volume-title":"Enterprise Security Architecture: a business driven approach","author":"J. Sherwood","year":"2005","unstructured":"J. Sherwood, A. Clark, A, and D. Lynas., Enterprise Security Architecture: a business driven approach (CMP Books, USA, 2005)."},{"key":"3_CR16","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1016\/0955-1662(95)99682-Z","volume":"6","author":"M. K. Nalla","year":"1995","unstructured":"M. K. Nalla, K. Christian, M. Morash, and P. Schram, Practitioners\u2019 perceptions of graduate curriculum in security education (Security Journal, 6, 1995), pp. 93\u201399.","journal-title":"Security Journal"},{"key":"3_CR17","unstructured":"I. O. Angell, Computer security in these uncertain times: the need for a new approach, Proceedings of the Tent World Conference on Computer Security, Audit and Control, COMPSEC, London, UK, 1993, pp. 382\u2013388."},{"key":"3_CR18","unstructured":"Eleventh Annual CSI\/FBI Computer Crime and Security Survey, Computer Security Institute, 2006; \n                    http:\/\/www.gocsi.com\n                    \n                  ."}],"container-title":["IFIP International Federation for Information Processing","New Approaches for Security, Privacy and Trust in Complex Environments"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-0-387-72367-9_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,20]],"date-time":"2019-05-20T18:02:35Z","timestamp":1558375355000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-0-387-72367-9_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2007]]},"ISBN":["9780387723662","9780387723679"],"references-count":18,"URL":"https:\/\/doi.org\/10.1007\/978-0-387-72367-9_3","relation":{},"ISSN":["1571-5736"],"issn-type":[{"type":"print","value":"1571-5736"}],"subject":[],"published":{"date-parts":[[2007]]}}}