As part of the University of Maryland’s Great Expectation’s Campaign, Dr. Lawrence Gordon endowed a prize for the best essay in Managing Cybersecurity Resources. Dr. Gordon has been very generous with his time in answering questions regarding on information security economics for bloginfosec.com readers. So, it is my privilege to help get the word out about this fantastic prize.
While the initial prize is set at $1000, in private conversation Dr. Gordon expressed the possibility that this prize value may increase. (Please contact Dr. Gordon directly if you wish to donate to the Endowment that supports the Gordon prize.)
Here is some background on the economic cybersecurity framework Dr. Gordon co-created:
The Gordon-Loeb Model presents an economic framework that helps managers evaluate the right amount of resources to expend on information security. This is an immensely practical issue. “If there was no limit to how much a company could spend, everyone would have near perfect security,” says Gordon. “Using an economic framework helps people determine the point at which the marginal cost of security measures—putting in firewalls or better access controls, for example—equals the marginal benefits. You don’t want to spend beyond that point.”
According to the news announcement: “The prize will be offered yearly and the competition is open to students, faculty, and information security professionals in both the public and private sector.”
Please help me to spread the word of this announcement and help increase the knowledge in the information security field.