The Economics of Mandatory Security Breach Reporting to Authorities
نویسندگان
چکیده
Legislators in many countries enact security breach notification regulation to address a lack of information security. The laws designate authorities to collect breach reports and advise firms. We devise a principal–agent model to analyze the economic effect of mandatory security breach reporting to authorities. The model assumes that firms (agents) have few incentives to unilaterally report breaches. To enforce the law, regulators (principals) can introduce security audits and sanction noncompliance. However, audits cannot differentiate between concealment and nescience of the agents. Even under optimistic assumptions regarding the effectiveness of mandatory security breach reporting to authorities in reducing individual losses, our model predicts that it may be difficult to adjust the sanction level such that breach notification laws generate social benefit.
منابع مشابه
The Significance of Mandatory Data Breach Warnings to Identity Crime
The relationship between data breaches and identity crime has been scarcely explored in current literature. However, there is an important relationship between the misuse of personal identification information and identity crime as the former is in many respects the catalyst for the latter. Data breaches are one of the ways in which this personal identification information is obtained by identi...
متن کاملCAMAC: a context-aware mandatory access control model
Mandatory access control models have traditionally been employed as a robust security mechanism in multilevel security environments such as military domains. In traditional mandatory models, the security classes associated with entities are context-insensitive. However, context-sensitivity of security classes and flexibility of access control mechanisms may be required especially in pervasive c...
متن کاملموانع گزارش خطا و راهکارهای کاهش آن از دید پرستاران بیمارستانهای تامین اجتماعی استان کرمان
Abstract Background & Aims: Errors are unavoidable in clinical practice, but it can be minimized in terms of frequency and intensity. Reporting the errors is so important and effectively avoids future errors that may cause patients harm. This study was conducted to identify barriers of error reporting by nurses and preventive strategies in social security hospitals in Kerman, Iran. Materi...
متن کاملUNIVERSITY OF OSLO HEALTH ECONOMICS RESEARCH PROGRAMME Medical errors : Mandatory reporting , voluntary reporting , or both ?
متن کامل
Economics of ITSecurity Management: Four Improvements to Current Security Practices
The importance of effective management of IT security from an economic perspective increased in recent years because of the increasing frequency and cost of security breaches. Each security breach incurs monetary damage, corporate liability, and loss of credibility. This article presents four important elements that every IT security manager should consider while managing the security function ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- J. Cybersecurity
دوره 2 شماره
صفحات -
تاریخ انتشار 2015