{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,25]],"date-time":"2026-04-25T07:36:24Z","timestamp":1777102584665,"version":"3.51.4"},"reference-count":11,"publisher":"Association for Computing Machinery (ACM)","issue":"7","license":[{"start":{"date-parts":[[2004,7,1]],"date-time":"2004-07-01T00:00:00Z","timestamp":1088640000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["Commun. ACM"],"published-print":{"date-parts":[[2004,7]]},"DOI":"10.1145\/1005817.1005828","type":"journal-article","created":{"date-parts":[[2004,7,20]],"date-time":"2004-07-20T16:39:33Z","timestamp":1090341573000},"page":"87-92","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":213,"title":["A model for evaluating IT security investments"],"prefix":"10.1145","volume":"47","author":[{"given":"Huseyin","family":"Cavusoglu","sequence":"first","affiliation":[{"name":"Tulane University, New Orleans, LA"}]},{"given":"Birendra","family":"Mishra","sequence":"additional","affiliation":[{"name":"The University of California at Riverside"}]},{"given":"Srinivasan","family":"Raghunathan","sequence":"additional","affiliation":[{"name":"The University of Texas at Dallas, Richardson, TX"}]}],"member":"320","published-online":{"date-parts":[[2004,7]]},"reference":[{"key":"e_1_2_1_1_1","volume-title":"CIO Magazine (Feb. 15","author":"Berinato S.","year":"2002","unstructured":"Berinato , S. Finally, a real return on security spending . CIO Magazine (Feb. 15 , 2002 ). Berinato, S. Finally, a real return on security spending. CIO Magazine (Feb. 15, 2002)."},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/163298.163309"},{"key":"e_1_2_1_3_1","unstructured":"Cavusoglu H. Mishra B. and Raghunathan S. The effect of Internet security breach announcements on shareholder wealth: Capital market reactions for breached firms and Internet security developers. International J. of Electronic Commerce. Forthcoming.  Cavusoglu H. Mishra B. and Raghunathan S. The effect of Internet security breach announcements on shareholder wealth: Capital market reactions for breached firms and Internet security developers. International J. of Electronic Commerce. Forthcoming."},{"key":"e_1_2_1_4_1","volume":"200","author":"Collofello","unstructured":"Collofello , J. Software Development Risk Management , 200 0; www.eas.asu.edu\/~riskmgmt\/ Collofello, J. Software Development Risk Management, 2000; www.eas.asu.edu\/~riskmgmt\/","journal-title":"J. Software Development Risk Management"},{"key":"e_1_2_1_5_1","first-page":"4","volume":"16","author":"Denning D.","year":"2000","unstructured":"Denning , D. Reflections on cyberweapons controls. Computer Security J. 16 , 4 ( 2000 ), 43--53. Denning, D. Reflections on cyberweapons controls. Computer Security J. 16, 4 (2000), 43--53.","journal-title":"Computer Security J."},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/581271.581274"},{"key":"e_1_2_1_8_1","volume-title":"Toward cost-sensitive modeling for intrusion detection and response. J. Computer Security","author":"Lee W.","year":"2001","unstructured":"Lee , W. , Fan , W. , Miller , M. , Stolfo , S. , and Zadok , E . Toward cost-sensitive modeling for intrusion detection and response. J. Computer Security ( 2001 ). Lee, W., Fan, W., Miller, M., Stolfo, S., and Zadok, E. Toward cost-sensitive modeling for intrusion detection and response. J. Computer Security (2001)."},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/2.889092"},{"key":"e_1_2_1_10_1","volume-title":"The survivability of network systems: An empirical analysis","author":"Moitra S.","year":"2000","unstructured":"Moitra , S. and Konda , S . The survivability of network systems: An empirical analysis . Carnegie Mellon Software Engineering Institute . Technical Report, CMU\/SEI- 2000 -TR-021. Moitra, S. and Konda, S. The survivability of network systems: An empirical analysis. Carnegie Mellon Software Engineering Institute. Technical Report, CMU\/SEI-2000-TR-021."},{"key":"e_1_2_1_11_1","volume-title":"Games and Information","author":"Rasmusen E.","year":"1998","unstructured":"Rasmusen , E. Games and Information . Blackwell Publishers , 1998 . Rasmusen, E. Games and Information. Blackwell Publishers, 1998."},{"key":"e_1_2_1_12_1","volume-title":"Issue on Return on Security Investment (Q4","author":"Secure Business Quarterly","year":"2001","unstructured":"Secure Business Quarterly . Issue on Return on Security Investment (Q4 , 2001 ). Secure Business Quarterly. Issue on Return on Security Investment (Q4, 2001)."}],"container-title":["Communications of the ACM"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1005817.1005828","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1005817.1005828","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T16:24:55Z","timestamp":1750263895000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1005817.1005828"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2004,7]]},"references-count":11,"journal-issue":{"issue":"7","published-print":{"date-parts":[[2004,7]]}},"alternative-id":["10.1145\/1005817.1005828"],"URL":"https:\/\/doi.org\/10.1145\/1005817.1005828","relation":{},"ISSN":["0001-0782","1557-7317"],"issn-type":[{"value":"0001-0782","type":"print"},{"value":"1557-7317","type":"electronic"}],"subject":[],"published":{"date-parts":[[2004,7]]},"assertion":[{"value":"2004-07-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}