Definition
To protect and safeguard assets, information, and people, security investment is needed, accounting for interdependence between assets, information, and people, accounting for attack by actors seeking to compromise, destroy, or steal, and accounting for information sharing between defenders and attackers.
Background
The economics of security and privacy faces challenges given rapid technological development, which may alter how we historically relate to assets, information, and people. This entry involves both theory and application.
Introduction
This entry considers how to invest in information security when facing vulnerabilities and security breaches. We thereafter consider multiple firms, which may be interdependent, and where the income and substitution effects may operate. We finally consider how firms may share information with each other, and hackers may share information...
This is a preview of subscription content, log in via an institution to check access.
References
Gal-Or E, Ghose A (2005) The economic incentives for sharing security information. Inf Syst Res 16(2):186–208. https://doi.org/10.1287/isre.1050.0053
Gordon LA, Loeb MP (2002) The economics of information security investment. ACM Trans Inf Syst Secur 5(4):438–457. https://doi.org/10.1145/581271.581274
Gordon LA, Loeb MP, Lucyshyn W (2003) Sharing information on computer systems security: an economic analysis. J Account Public Policy 22(6):461–485. https://doi.org/10.1016/j.jaccpubpol.2003.09.001
Hausken K (2006a) Income, interdependence, and substitution effects affecting incentives for security investment. J Account Public Policy 25(6):629–665. https://doi.org/10.1016/j.jaccpubpol.2006.09.001
Hausken K (2006b) Returns to information security investment: the effect of alternative information security breach functions on optimal investment and sensitivity to vulnerability. Inf Syst Front 8(5):338–349
Hausken K (2017) Security investment, hacking, and information sharing between firms and between hackers. Games 8(2):23. https://doi.org/10.3390/g8020023
Kunreuther H, Heal G (2003) Interdependent security. J Risk Uncertain 26(2–3):231–249. https://doi.org/10.1023/a:1024119208153
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Section Editor information
Rights and permissions
Copyright information
© 2021 Springer Science+Business Media LLC
About this entry
Cite this entry
Hausken, K. (2021). Security Investment, Interdependence, Attacking, and Information Sharing. In: Jajodia, S., Samarati, P., Yung, M. (eds) Encyclopedia of Cryptography, Security and Privacy. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27739-9_1628-1
Download citation
DOI: https://doi.org/10.1007/978-3-642-27739-9_1628-1
Received:
Accepted:
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-27739-9
Online ISBN: 978-3-642-27739-9
eBook Packages: Springer Reference Computer SciencesReference Module Computer Science and Engineering