Game of information security investment: Impact of attack types and network vulnerability
作者:
Highlights:
• We model an interconnected firm’s security investment against two attack types.
• A high network vulnerability spurs firms to invest less in information security.
• Liability and security information sharing can motivate firm to invest in security.
• Both incentives can improve firms’ security level and decrease firms’ total costs.
• Both incentives can be extended to the case of three or more firms.
摘要
•We model an interconnected firm’s security investment against two attack types.•A high network vulnerability spurs firms to invest less in information security.•Liability and security information sharing can motivate firm to invest in security.•Both incentives can improve firms’ security level and decrease firms’ total costs.•Both incentives can be extended to the case of three or more firms.
论文关键词:Information security investment,Attack types,Network vulnerability,Game theory,Economic incentives
论文评审过程:Available online 8 April 2015.
论文官网地址:https://doi.org/10.1016/j.eswa.2015.03.033
