Fair-based loss measurement model for enterprise personal information breach

Jang Ho Yun, In Hyun Cho, Kyung Ho Lee

Research output: Chapter in Book/Report/Conference proceedingChapter


Loss measurement for personal information breach incidents can be used as a basis for decision making for information security investments. In this vein, reasonable loss measurement is important in determining information security policies. However, the previous research is focused on estimating the amount of loss which is incurred after incidents. In order to be base data for decision making, loss measurement should include incident-causing-factors before incidents occur. In this paper, we propose a loss measurement model based on an improved FAIR (Factor Analysis of Information Risk) risk analysis methodology. Additionally, we verify the effectiveness of the proposed model by applying it to a large scale personal information leakage case.

Original languageEnglish
Title of host publicationLecture Notes in Electrical Engineering
PublisherSpringer Verlag
Number of pages9
Publication statusPublished - 2015

Publication series

NameLecture Notes in Electrical Engineering
ISSN (Print)1876-1100
ISSN (Electronic)1876-1119


  • Loss measurement model
  • Personal information breach
  • Security policy

ASJC Scopus subject areas

  • Industrial and Manufacturing Engineering


Dive into the research topics of 'Fair-based loss measurement model for enterprise personal information breach'. Together they form a unique fingerprint.

Cite this