2013
DOI: 10.1287/deca.2013.0278
|View full text |Cite
|
Sign up to set email alerts
|

Information Security Investment When Hackers Disseminate Knowledge

Abstract: A s an emerging and thriving research branch, information security economics has recently drawn significant attention from practitioners and academics. Traditionally, both decision and static game theoretical techniques are employed to characterize the strategies of firms and hackers. However, these techniques fail to capture the dynamic attribute of the risk environment, which is an increasingly important element, especially in modern distributed and complex computer and communication networks. Utilizing a di… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
8
0
1

Year Published

2015
2015
2023
2023

Publication Types

Select...
8

Relationship

2
6

Authors

Journals

citations
Cited by 33 publications
(9 citation statements)
references
References 63 publications
0
8
0
1
Order By: Relevance
“…This paper is closely related with another hacker behavior, hacker knowledge dissemination, which is discussed by Mookerjee et al [32] and Gao et al [12,13]. Mookerjee et al [32] discuss how a firm's discrimination ability (the ability to distinguish between attacks and normal usage) changes with the hacker knowledge dissemination.…”
Section: Introductionmentioning
confidence: 92%
See 1 more Smart Citation
“…This paper is closely related with another hacker behavior, hacker knowledge dissemination, which is discussed by Mookerjee et al [32] and Gao et al [12,13]. Mookerjee et al [32] discuss how a firm's discrimination ability (the ability to distinguish between attacks and normal usage) changes with the hacker knowledge dissemination.…”
Section: Introductionmentioning
confidence: 92%
“…Mookerjee et al [32] discuss how a firm's discrimination ability (the ability to distinguish between attacks and normal usage) changes with the hacker knowledge dissemination. Gao et al [12] compare dynamic security investment under Cournot and Bertrand competition, whereas Gao et al [13] analyze how move-timing affects dynamic security investment. Different from Mookerjee et al [32] and Gao et al [13] who discuss the security investment of just one firm, this paper considers the security investment of two competitive firms.…”
Section: Introductionmentioning
confidence: 99%
“…Cavusoglu et al (2008) compare it to decision-theoretic approaches and suggests that the sequential game results in the maximum payoff for the firm. Considering that hackers may disseminate security knowledge within a hacker population over time, Gao et al (2013) apply a simultaneous and sequential differential game, finding that the firm invested the most in the sequential differential game. The game-theoretical approach is also employed in modeling the actions and reactions of two allied firms.…”
Section: Estimating the Optimal Level Of Infosec Investmentmentioning
confidence: 99%
“…A döntési és statikus játékteóriákat is alkalmazzák annak érdekében, hogy a szakemberek képesek legyenek felismerni és jellemezni a hackerek és a vállalatok stratégiáját. Azonban még így sem lehetséges a kockázati környezet dinamikáinak teljes kezelése, amely kiemelt eleme az olyan modern és elosztott informatikai rendszereknek, mint a felhőmegoldások (Gao et al, 2013). A biztonsági incidens gyanúja, vagy bekövetkezése esetén lefolytatott forensics vizsgálatok segítenek abban, hogy az események körét, az ügyfelek érintettségét meg lehessen határozni.…”
Section: Információbiztonság éS a Felhőalapú Rendszerekunclassified