Hasan Cavusoglu, University of British Columbia, Canada, Hasan.Cavusoglu@sauder.ubc.ca
ABSTRACT
Despite the fundamental importance of information security, organizations make less than optimal investments in it. Since neither under or overinvestment are desirable, organizations should understand barriers that adversely affect their decision-making processes, and may prevent sound investment decisions in the context of information security. In this paper, we highlight major obstacles that decision-makers face when making investment decisions pertaining to information security and suggest ways to deal with those obstacles.
