Organizations invest in perimeter hardening as well as intrusion detection systems, but often under stand alone decision frameworks. This could mean suboptimal investments in general. For example, practitioners’ approaches are more of ‘satisficing’ rather than ‘optimizing’ in nature. This paper provides methodological steps towards an integrated economic model that could seek jointly optimal investment behavior of a firm between its prevention and detection regimes of information system security management.