Role of Intelligence Inputs in Defending against Cyber Warfare and Cyber Terrorism

This article examines the role of espionage in defending against cyber-attacks on infrastructural firms. We analyze the problem using a game between a government, an infrastructural firm and an attacker. If the attacker successfully breaches the IT security defenses of the infrastructural firm, primary losses accrue to that firm while widespread collateral losses accrue to the rest of the economy. The government assists the infrastructural firm by providing intelligence inputs about an impending attack. We find that subject to some conditions, expenditure on intelligence adds value only when its amount exceeds a threshold level. Also, the nature of the equilibrium depends on the level of government expenditure in intelligence. We find that the optimal level of intelligence expenditure can change in seemingly unexpected ways in response to a shift in parameters. For example, reduced vulnerability of the infrastructural firm does not necessarily imply a reduction in intelligence gathering effort. We also exhibit circumstances under which a system of centralized security in which the government regulates both intelligence gathering as well as the system inspection regime of the infrastructural firm may not always be desirable because of strategic interactions between the players.