Atana

Since the majority of business processes in today's highly automated world are supported by IT systems, there are a number of threats that decision makers have to consider. Security hazards, such as viruses, hacker attacks, or data theft pose major threats to the reliable execution of business processes and may have negative effects on business value, e.g. on profit, shareholder value, or reputation. Therefore, companies are steadily increasing the amount of resources invested in protecting their business processes from security threats. Total global revenue for security products and service vendors amounted to $21.1 billion through 2005. Nonetheless, many businesses fail to address the issue of defining efficient security safeguards. Although security is considered as one of the most important issues in corporate environments, many companies are not aware of how much they spend on security and what is even more important, they do not know if the investments in security are effective. Since security does not generate business value directly, investing in security can only prevent negative events or reduce related adverse effects.