Organizational Risk and the Costs and Benefits of Biometrics Presentation to the European Union Biometrics Group May 14, 2004 Virginia Franke Kleist, Ph.D.

Slides:



Advertisements
Similar presentations
Chapter 15. Managing the Industrial Pricing Function BA B2B Marketing Lindell Phillip Chew.
Advertisements

Building Customer Relationships Through Effective Marketing
CHAPTER 8 PRICING Study Objectives
CHAPTER 8 PLANNING FOR IT SYSTEMS Knowing Where You‘re Going.
Example Case Analysis Western Chain Saw. Steps in Analyzing Case Analyze and Record the Current Situation –Threats, Opportunities –Strengths, Weaknesses.
Security Controls – What Works
Information Security Policies and Standards
1 An Overview of Computer Security computer security.
Demand and Elasticity A high cross elasticity of demand [between two goods indicates that they] compete in the same market. [This can prevent a supplier.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.
MSIS 110: Introduction to Computers; Instructor: S. Mathiyalakan1 Systems Design, Implementation, Maintenance, and Review Chapter 13.
1 IS371 WEEK 8 Last and Final Assignment Application Development Alternatives to Application Development Instructor Online Evaluations.
Health Informatics Series
ACCOUNT RELATIONSHIP MANAGEMENT
WHY IT SYSTEMS PLANNING? IT SYSTEMS PLANNING... l provides a systematic process for finding new IT systems. l generates a comprehensive list of new IT.
Market Segmentation, and Market Targeting
Corporate Management. Requirements Candidates need to display a knowledge of the language of corporate or strategic management and have an understanding.
Chapter 5 Initiating and Planning Systems Development Projects
Estimating the Market for Internet Service Provider-Based Cyber Security Solutions Brent Rowe – RTI International Doug Reeves – NC State University Dallas.
Managerial Economics Prof. M. El-Sakka CBA. Kuwait University Managerial Economics in a Global Economy Chapter 1 B.
CHAPTER 11 Crafting a Winning Business PLAN
NUAGA May 22,  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.
The Purchasing Function
© 2005 Virtue Ventures LLC. Licensed under a Creative Commons Attribution-Share Alike 3.0 License Feasibility Analysis For Social Enterprise.
Project Risk Management. The Importance of Project Risk Management Project risk management is the art and science of identifying, analyzing, and responding.
1 Introduction to Security Chapter 5 Risk Management: The Foundation of Private Security.
Assurance Case Approach TECNALIA Inspiring Business Novara November, 2013 TRIAL WS.
Copyright © Houghton Mifflin Company. All rights reserved. 9–19–1 Business Markets –Individuals or groups that purchase a specific kind of product for.
EXTERNAL INFLUENCES Technological Change Economics and Business P Oldfield 2013.
Week 10: Valuing Information Systems Investments MIS 2101: Management Information Systems.
Environment for Information Security n Distributed computing n Decentralization of IS function n Outsourcing.
Principles of Information Systems, Sixth Edition Systems Design, Implementation, Maintenance, and Review Chapter 13.
Chapter Thirteen Building Customer Relationships Through Effective Marketing.
Topic : 2 Markets and Competitive Space
Advertising As Marketing Tool. Marketing Process ► Four major stages:  Marketing environment analysis  Target market and positioning process  Market.
MARKETING. Standards… BCS-BE-36: The student demonstrates understanding of the concept of marketing and its importance to business ownership. BCS-BE-36:
Principles of Information Systems, Sixth Edition Systems Design, Implementation, Maintenance, and Review Chapter 13.
DO NOT COPY Chapter 9 SERVICE operations management and business pricing.
Session 9 & 10. Definition of risk assessment and pre condition for risk assessment Establishment of clear, consistent agency objectives. Risk assessment.
Demand Response. What is Demand Response? In an electricity grid, electricity consumption and production must balance at all times Demand response in.
Marketing Decision Areas
Pricing: Understanding and Capturing Customer Value
Principles of Marketing Lecture-11. Summary of Lecture-10.
Lecture 6 Production Decisions. Goals and economic benefits from production What are the goals of production? –Some productive activities may be motivated.
Chapter 17 Price Setting in the Business World
Recap Chapter 1 & 2. CHAPTER 1 The 3 Basic Functions of Business Organizations Operations Finance Marketing Organization.
Market Research & Product Management.
CH 2 STRATEGY ANALYSIS. Strategy Analysis Strategy analysis is an important starting point for the analysis of financial statements –Allows the analyst.
Project Risk Management Planning Stage
Principles of Information Systems, Sixth Edition 1 Systems Design, Implementation, Maintenance, and Review Chapter 13.
Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.
Introduction to IT investment decision-making Pertemuan 1-2 Matakuliah: A Strategi Investasi IT Tahun: 2009.
©2002 South-Western Chapter 6 Version 6e1 chapter Business Marketing 6 6 Prepared by Deborah Baker Texas Christian University.
High Assurance Products in IT Security Rayford B. Vaughn, Mississippi State University Presented by: Nithin Premachandran.
Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Personal Financial Planning.  Establishing a plan for how you spend your money can help you make wise purchases. What factors help you decide what to.
Dr. Mark Gaynor, Dr. Feliciano Yu, Bryan Duepner.
Chapter 8 : Management of Security Lecture #1-Week 13 Dr.Khalid Dr. Mohannad Information Security CIT 460 Information Security Dr.Khalid Dr. Mohannad 1.
© Thomson/South-Western ECONOMIC EDUCATION FOR CONSUMERS Slide 1 Consumer’s Role in the Economy Objectives: By the end of class, students will be able.
Lecture-8 MGT301 Principles of Marketing. Summary of Lecture-7.
Principles of Marketing Lecture-8. Summary of Lecture-7.
Serving IT up with ITIL By Thane Price. IT is the laboratory’s pit crew  Goal : Make technology transparent while accomplishing valuable internal customer.
MGT301 Principles of Marketing Lecture-11. Summary of Lecture-10.
Dr. Gerry Firmansyah CID Business Continuity and Disaster Recovery Planning for IT (W-XIV)
Risk management.
3 Analyzing a Company’s External Environment Chapter
Connecting with Customers: The Art and Science of Marketing
INFORMATION SYSTEMS SECURITY and CONTROL
E-Commerce and Economic Forces
© Prentice Hall, 2007Excellence in Business, 3eChapter Connecting with Customers: The Art and Science of Marketing.
Presentation transcript:

Organizational Risk and the Costs and Benefits of Biometrics Presentation to the European Union Biometrics Group May 14, 2004 Virginia Franke Kleist, Ph.D. College of Business and Economics West Virginia University West Virginia, USA

Introduction Economic drivers for the biometrics industry Vendor Manufacturing Issues Vendor Marketing Issues Customer risk as a potential cost The costs and benefits of biometrics The biometrics decision as optimizing the fit between organizational risk and biometrics cost

How Can Academics Understand the Biometrics Industry? Positive network externalities, tipping point, increasing returns to scale Embedded base, large government purchases Production economics Open source code issues and standards development Information industries and dominant firms, new technology market behaviors Transactions cost theory Substitution goods

Time Product A (e.g., VHS, QWERTY keyboard) Product B (e.g., Beta, Dvorak keyboard) Path Dependency to Technology Dominance

Biometrics Industry Supply and Demand Price Quantity

Do various biometric devices cost more as their security detection cost/benefit profiles increase? Is there a relationship? Can two do a better job than one? Price The customer demand for biometrics devices, (Y b ) is some function of the following variables: Y b =  - ß 1 x 1 + ß 2 x 2 - ß 3 x 3 - ß 4 x 4 - ß 5 x 5 - ß 6 x 6 + ß 7 x 7 +  x 1 = Price of system; x 2 = Effectiveness of establishing security for buyer: e.g., ease of use, enrollment, stability of technology, resistance to false matching (single or system), false non-match rate, stability of biometric over time, perceptions of intrusiveness, convenience vs. deterrence (Nanavati, et al., 2002); x 3 = Price and effectiveness of substitution goods: Pin numbers, security guard, closed system, redundancy, backup procedures, disaster planning; x 4 = Insurance infrastructure: Is the potential loss from improper intrusion covered by insurance; x 5 = Legal structure: Effectiveness of legal infrastructure for prosecution of intrusion violations (Lessig, 1999); x 6 = Human Trust: The intrinsic level of trust between the parties involved x 6 = Risk of Loss from intrusion As user’s potential risk of loss increases, users will pay more for increased security from biometric, cost benefit, and vulnerability R1R1 R2R2 R3R3 Quantity

Vendor Supply Side Manufacturing Issues How well can we make the device work? How cheaply can we make the device? Can we manipulate the market to help reduce our production costs? Are we getting more cost effective as we sell these devices over time? How much more should we spend on our product development?

Vendor Supply Side Marketing Issues Within market and across market issues Market share of device type, market share of vendor What’s the “buzz” ? Standards vs. proprietary systems Number of competitors within niche Does the government like you? Can you lose money on your product in the short run?

Enterprise Level Precursor: Biometrics within Context of Organizational Risk (3) Identify Possible Controls and Prevention Procedures (8) Out of Box thinking on risk, or qualitative risk analysis (11) EVALUATE APPLICABILITY OF BIOMETRICS AS A SOLUTION WITHIN CONTEXT OF ORGANIZATIONAL RISK AND FIT TO SECURITY AND CONTROL ARCHITECTURE (10)Quantitative + Qualitative Ranking (9) Rank the most significant qualitative risks faced by the organization (1) Identify areas: potential security / internal control risk (2) Identify Potential Threats to Areas within Organization (4) Estimate cost of security Breach/IC to organization (5) Estimate likelihood of security breach, need for IC (7)Rank the most significant quantitative risks from most expensive to least (6) Calculate expected value and likelihood of a quantifiable loss

A Pictorial Representation of the Business Case Process: (1) Document the business problem or opportunity (2) Precursor decisions – Document that biometrics would be considered an acceptable solution provided that biometric technologies resolve the business problem (3) Frame the business problem in terms of biometrics: Verification or identification Physical versus logical access Large versus small number of users (4) Document the strengths and weaknesses of the various biometrics technologies (solo and/or multi- modal) as a solution to the business process

(5) Document the strengths and weaknesses of the baseline solution and various substitute goods as a solution to the business process (6) Determine performance expectations for any solution and evaluate whether biometrics, baseline and substitute goods solutions meet those expectations (7) Document benefits QuantifiableSoft / Non-Quantifiable (8) Document costs QuantifiableSoft / Non-Quantifiable (9) Perform Sensitivity Testing (10) Make decision / Implement pilot test / Modify / Full-implementation

Organizational Risk and the Costs and Benefits of Biometrics Biometric benefit is to reduce risk Organizational risk can be security or control, internal or external The level of risk alters the cost benefit analysis- more risk, more benefit from a biometric There may be a fit between the nature of the risk and the optimal biometric solution

Organizational Risk and the Costs and Benefits of Biometrics Evaluating risk to buyers: what kind of risk? Evaluation solutions chosen by buyers: what biometrics chosen and why, what substitutes chosen and why Evaluating biometric in terms of nature of solution Evaluating fusion of biometrics as a solution to risk Evaluating biometrics fused with non-biometric substitute good as a solution to risk

Contact Thank you for your interest Best wishes on implementation Virginia Kleist: , Please contact me regarding issues of organizational risk and biometric fit