@inproceedings{5588,
  abstract     = {{The protection of information technology (IT) has become and is predicted to remain a key economic challenge for organizations. While research on IT security investment is fast growing, it lacks a theoretical basis for structuring research, explaining economic-technological phenomena and guide future research. We address this shortcoming by suggesting a new theoretical model emerging from a multi-theoretical perspective adopt-ing the Resource-Based View and the Organizational Learning Theory. The joint appli-cation of these theories allows to conceptualize in one theoretical model the organiza-tional learning effects that occur when the protection of organizational resources through IT security countermeasures develops over time. We use this model of IT security invest-ments to synthesize findings of a large body of literature and to derive research gaps. We also discuss managerial implications of (closing) these gaps by providing practical ex-amples.}},
  author       = {{Weishäupl, Eva and Yasasin, Emrah and Schryen, Guido}},
  booktitle    = {{International Conference on Information Systems}},
  keywords     = {{Information Security, Investment, Literature review, Resource-based View, Organi-zational Learning Theory, Multi-theoretical Perspective}},
  title        = {{{A Multi-Theoretical Literature Review on Information Security Investments using the Resource-Based View and the Organizational Learning Theory}}},
  year         = {{2015}},
}