Information Management and Cybersecurity Through the Lens of Innovation: Industry–Cloud

Abstract

The paper explores how cyber security innovation can improve the quality and efficiency of information management processes in an industry–cloud configuration. Instead of focusing on the “tool zoo”, the proposed approach evaluates security initiatives by their effect on managerial metrics: Annual Loss Expectancy (ALE), Return on Security Investment (ROSI), the Saved Value of Information (SVI), and the “system power” P(t). Two hypothetical but realistic case studies are analyzed: a manufacturing enterprise with integrated IT/OT systems and a software company operating predominantly in the cloud. For both organizations, we construct simplified “system passports”, estimate ALE, ROSI and SVI, and assess P(t) as a normalized profile of execution conditions (infrastructure, automation, processes and culture, financial sustainability). We then use the I–E–T model (Investments – Effectiveness – Technologies) and the K–C–F model (Knowledge/Processes – Costs – Fears) to explain why similar classes of measures generate different returns in the industrial and cloud contexts. The results show that, with comparable budgets, organizations with higher P(t) achieve greater improvements in risk reduction and process quality. The practical contribution is a compact management reporting template that includes interval estimates of ALE/ROSI/SVI, a simple P(t) checklist, and a “system passport” structure. This template is compatible with NIST/ISO frameworks and emphasizes process quality in industry–cloud environments. UDC: 004.056.5:005.591.6; JEL: D81, L86, M15, O33, C63