RESEARCH INTERESTS

  • Economics of Information Systems
  • Information Security Management
  • Homeland Security
  • Product Customization
  • Supply Chain Management
    REFEREED JOURNAL PUBLICATIONS

  1. Cavusoglu, H., B. Koh, and S. Raghunathan (2010), "An Analysis of the Impact of Passenger Profiling for Transportation Security," Operations Research, Forthcoming


  2. Cavusoglu, H., S. Raghunathan, and H. Cavusoglu (2009), "Configuration of and Interaction Between Information Security Technologies: The Case of Firewalls and Intrusion Detection Systems," Information Systems Research, 20(2), June, pp. 198-217


  3. Gerace, T., H. Cavusoglu (2009), "The Critical Elements of the Patch Management Process," Communications of the ACM, 52(8) pp. 117-121


  4. Cavusoglu, H., H. Cavusoglu, J. Zhang (2008), "Security Patch Management - Share the Burden or Share the Damage?," Management Science, 54(1), April, pp. 657-670


  5. Ogut, H., H. Cavusoglu, S. Raghunathan (2008), "Intrusion Detection Policies for IT Security Breaches," INFORMS Journal on Computing, 20(1), Winter, pp. 112-123


  6. Cavusoglu, H., S. Raghunathan, and W. Yue (2008), "Decision-Theoretic and Game-Theoretic Apporaches to IT Security Investment," Journal of Management Information Systems, 25(2), Fall, pp. 281-304


  7. Cavusoglu, H., H. Cavusoglu, S. Raghunathan (2007), "Efficiency of Vulnerability Disclosure Mechanisms to Disseminate Vulnerability Knowledge ," IEEE Transactions on Software Engineering, 33(3), March, pp. 171-185


  8. Cavusoglu, H., H. Cavusoglu, S. Raghunathan (2007), "Selecting a Customization Strategy under Competition: Mass Customization, Targeted Mass Customization, and Product Proliferation," IEEE Transactions on Engineering Management, 54(1), February, pp. 12-28, Special Issue on Mass Customization (Lead Article)


  9. Cavusoglu, H., B. Mishra, S. Raghunathan (2005), "The Value of Intrusion Detection Systems in Information Technology Security Architecture," Information Systems Research, 16(1), March, pp. 28-46


  10. Cavusoglu, H. and S. Raghunathan (2004), "Configuration of Detection Software: A Comparison of Decision and Game Theory Approaches," INFORMS Decision Analysis, 1(3), September, pp. 131-148


  11. Cavusoglu, H., B. Mishra, S. Raghunathan (2004), "A Model for Evaluating IT Security Investments," Communications of the ACM, 47(7), July, pp. 87-92


  12. Cavusoglu, H., B. Mishra, S. Raghunathan (2004), "The Effect of Internet Security Breach Announcements on Market Value: Capital Market Reaction for Breached Firms and Internet Security Developers," Special Issue: Measuring the Business Value of Information Technology in e-Business Environments, International Journal of Electronic Commerce, 9(1), pp. 69-105


  13. Cavusoglu, H., H. Cavusoglu, S. Raghunathan (2004), "Economics of IT Security Management: Four Missing Elements of Current Security Practices," Communications of the AIS, 14(3), July
    REFEREED CONFERENCE/WORKSHOP PUBLICATIONS

  1. Cezar, A., H. Cavusoglu, S. Raghunathan (2009), ", Speculative Risks, and IT Security Outsourcing," Workshop on the Economics of Information Security (WIES), London, England, June


  2. Cavusoglu, H., H. Cavusoglu, J. Son, I. Benbasat (2008), "What Drive Organizations to Invest in Information Security Controls? ," Workshop on Information Systems Economics (WISE), Paris, France, December


  3. Cavusoglu, H., B. Koh, S. Raghunathan (2008), "Analysis of the Impact of User Profiling for Security: Who really Benefits from Profiling?," Secure Knowledge Management (SKM), Richardson, TX, November


  4. Cezar, A., H. Cavusoglu, S. Raghunathan (2008), "Impact of Competition on Firms' Decisions to Outsource IT Security," Secure Knowledge Management (SKM), Richardson, TX, November


  5. Raghunathan, S., H. Cavusoglu, B. Mai (2008), "User Segmentation, Profiling, and Screening in Security," Secure Knowledge Management (SKM), Richardson, TX, November


  6. Cezar, A., H. Cavusoglu, S. Raghunathan (2008), "Impact of Competition on Firms' Decisions to Outsource IT Security," Conference on Information Systems and Technology (CIST), Washington, DC, October


  7. Cavusoglu, H., B. Mishra, S. Raghunathan (2008), "Optimal Configuration of Intrusion Detection Systems," Financial Information Systems and Cybersecurity , College Park, MD, May


  8. Cavusoglu, H., H. Cavusoglu, J. Zhang (2007), "Security Patch Management - Share the Burden or Share the Damage?," Workshop on Information Systems and Economics (WISE), Montreal, Canada, December


  9. Raghunathan, S., H. Cavusoglu,, B. Koh, and B. Mai (2007), "Economics of User Segmentation, Profiling, and Detection in Security," Workshop on Economics of Information Security (WEIS), Pittsburgh, PA, June


  10. Cavusoglu, H., H. Cavusoglu, J. Zhang (2007), "Security Patch Management," Decision and Risk Analysis Conference , Richardson, TX, May


  11. Cavusoglu, H., H. Cavusoglu, J. Son and I. Benbasat(2007), "Understanding Information Security Controls: An Empirical Study," Decision and Risk Analysis Conference , Richardson, TX, May


  12. Cavusoglu, H., B. Mishra, S. Raghunathan (2006), "Configuration of Intrusion Detection Systems," The Secure Knowledge Management Workshop (SKM), The Best Paper Award, Brooklyn, NY, September


  13. Cavusoglu, H., H. Cavusoglu, J. Zhang (2006), "Economics of Security Patch Management," Workshop on Economics of Information Security (WEIS), Cambridge, England, June


  14. Cavusoglu, H., S. Raghunathan, and H. Cavusoglu (2005), "How do Security Technologies Interact with Each Other to Create Value: The Analysis of Firewall and Intrusion Detection System," Workshop on Information Systems and Economics (WISE), Irvine, CA, December


  15. Gerace, T., H. Cavusoglu (2005), "The Critical Elements of Patch Management," 33rd Annual ACM SIGUCCS Conference, Monterey, CA, November


  16. Cavusoglu, H., H. Cavusoglu, S. Raghunathan (2005), "Emerging Issues in Responsible Vulnerability Disclosure," Workshop on Economics of Information Security (WEIS), Boston, MA, June


  17. Cavusoglu, H., H. Cavusoglu, J. Zhang (2005), "Nested Policies for Security Patch Management," 35th International Conference on Computer and Industrial Engineering (CIE), Istanbul, Turkey, June


  18. Cavusoglu, H., H. Cavusoglu, S. Raghunathan (2005), "Degree of Customization under Competition," 35th International Conference on Computer and Industrial Engineering (CIE), Istanbul, Turkey, June


  19. Cavusoglu, H., H. Cavusoglu, S. Raghunathan (2004), "How Should We Disclose Software Vulnerabilities," Workshop on Information Technology and Systems (WITS), The Best Paper Nomination, Washington, DC, December


  20. Cavusoglu, H., H. Cavusoglu, J. Zhang (2004), "Security Patch Management: Can't Live with it, Can't Live without it," Workshop on Information Technology and Systems (WITS), Washington, DC, December


  21. Cavusoglu, H., H. Cavusoglu, S. Raghunathan (2004), "Analysis of Software Vulnerability Disclosure Policies," CORS/INFORMS Joint International Meeting, Banff, Alberta, Canada, May


  22. Cavusoglu, H. and S. Raghunathan (2003), "Configuration of Intrusion Detection Systems: A Comparison of Decision and Game Theoretic Approaches," International Conference on Information Systems (ICIS), The Best Completed Paper Nomination, Seattle, WA, December


  23. Cavusoglu, H., S. Raghunathan, and H. Ogut (2003), "Intrusion Detection Policies for IT Security Breaches," Workshop on Information Technology and Systems (WITS), The Best Paper Award, Seattle, WA, December


  24. Cavusoglu, H. and S. Raghunathan (2003), "The Analysis of Configuration Issue in Classification and Detection Systems," INFORMS Annual Meeting, Atlanta, GA, November


  25. Cavusoglu, H., B. Mishra, S. Raghunathan (2003), "Quantifying the Value of IT Security Mechanisms and Setting Up an Effective Security Architecture," Workshop on Economics of Information Security (WEIS), College Park, MD, May


  26. Cavusoglu, H., B. Mishra, S. Raghunathan (2003), "The Effect of Internet Security Breach Announcements on Market Value of Breached Firms and Internet Security Developers," AAA-IS Mid-Year Conference, San Diego, CA, January


  27. Cavusoglu, H., B. Mishra, S. Raghunathan (2002), "Optimal Design of Information Technology (IT) Security Architecture," International Conference on Information Systems (ICIS), Barcelona, Spain, December


  28. Cavusoglu, H., B. Mishra, S. Raghunathan (2002), "The Effect of Internet Security Breach Announcements on Market Value of Breached Firms and Internet Security Developers," Workshop on Information Systems and Economics (WISE), Barcelona, Spain, December


  29. Cavusoglu, H., B. Mishra, S. Raghunathan (2002), "Assessing the Value of Detective Control in IT Security," Americas Conference on Information Systems (AMCIS), pp. 1910-1918, Dallas, TX, August


  30. Cavusoglu, H. (2002), "The Economics of Information Technology (IT) Security," Americas Conference on Information Systems (AMCIS), pp.2481-2485, Dallas, TX, August 2002


    BOOK CHAPTERS

  1. Cavusoglu, H. "Economics of IT Security: A Literature Review," J. Camp and R. Lewis (eds), The Economics of Information Security, Kluwer, 2004


    PAPERS UNDER REVIEW

  1. Cavusoglu, H., H. Cavusoglu, S. Raghunathan, "Value of Postponement and Information Sharing Strategies for Supply Chains,"


  2. Raghunathan, S., H. Cavusoglu, B. Mai, "Profiling and Screening for Security When Attackers can Fake their Identity,"


  3. Cavusoglu, H., H. Cavusoglu, J. Y. Son and I. Benbasat, "Information Security Controls in Organizations: A Multidimentional View and their Key Drivers,"


    RESEARCH IN PROGRESS

  1. Cezar, A., H. Cavusoglu, and S. Raghunathan "Impact of Competition on Firms' Decision to Outsource IT Security,"


  2. Cezar, A., H. Cavusoglu, and S. Raghunathan "Incentive Issues in Contracting Information Security to Managed Security Service Providers,"


  3. Cavusoglu, H., H. Cavusoglu, "Do Online Shoppers Care More About Product Quality Uncertainty or Seller Uncertainty? Partitioning the Cost of Uncertainty in Online Markets and Analyzing the Impact of Reputation,"


  4. Cavusoglu, H., H. Cavusoglu, and S. Raghunathan, "Security and Traceability in Supply Chains,"


  5. Cavusoglu, H., H. Cavusoglu, and I. Benbasat, "Complementarities in Information Security Controls,"


  6. Cavusoglu, H., H. Cavusoglu "Analysis of Intra Market Adverse Selection in Online Auction Markets,"


  7. Cavusoglu, H., "An Empirical Investigation of Malware Diffusion,"


HOME |TEACHING | RESEARCH | VITA | PERSONAL