Information Security Decisions of Enterprises in the Context of Digital Transformation

Abstract

At present, the digital economy is booming, and the digital transformation of enterprises is deepening and continuously advancing. Security has become an important challenge for enterprise digital transformation. Businesses ensure their security by investing in information security, but faced the problem of information security decision-making in the context of digital transformation. Based on the expected utility model, this paper considers the digital transformation factors of enterprises such as digital transformation investment, enterprise vulnerability impact coefficient, and relative investment efficiency, and gives the optimal information security investment strategy for enterprises under the background of digital transformation under the conditions of non-targeted attack and targeted attack. The research results show that with the increase of enterprise digital transformation investment, the investment in optimal information security of enterprises increases, and the increase of relative investment efficiency makes the information security efforts of enterprises show a trend of increasing first and then decreasing. In non-targeted and targeted attack scenarios, enterprises need to make differentiated information security investments based on vulnerability impact factors.