Why Information Security is Hard-An Economic Perspective
نویسنده
چکیده
According to one common view, information security comes down to technical measures. Given better access control policy models, formal proofs of cryptographic protocols, approved firewalls, better ways of detecting intrusions and malicious code, and better tools for system evaluation and assurance, the problems can be solved. In this note, I put forward a contrary view: information insecurity is at least as much due to perverse incentives. Many of the problems can be explained more clearly and convincingly using the language of microeconomics: network externalities, asymmetric information, moral hazard, adverse selection, liability dumping and the tragedy of the commons.
منابع مشابه
An Empirical Study about Why Dissatisfaction Arises Among the Employees and What It Consequences: Bangladesh Perspective
This article aimed at identifying the rate of dissatisfied employees who had left their previous jobs and the main factors which caused their dissatisfaction. In order to collect data for this study a well-structured questionnaire was distributed to 150 employees of different private and public organizations in Bangladesh who already left their previous jobs and 142 usable responses were rec...
متن کاملحدود صلاحیت دیوان عدالت اداری در انتصاب مدیران مؤسسات عمومی غیردولتی (مطالعه موردی مدیرعامل سازمان تأمین اجتماعی)
The Social Security Organization, according to The List of Non-governmental Organizations and Public Institutions Act, is a non-governmental public organization. It currently supports about 33 million workers, retirees and their families. Always there is alignment among the main objectives of social security and economic objectives of the country. All the factors that effect on econom...
متن کاملTa-wei Wang Essays on Information Security from an Economic Perspective Doctor of Philosophy
Wang, Ta-Wei. Ph.D., Purdue University, August, 2009. Essays on Information Security from an Economic Perspective. Major Professors: Jackie Rees and Karthik Kannan. Information security risks are becoming a critical issue to organizations given the significant impact of security related incidents. In this dissertation, we seek to further our understanding of how information security incidents a...
متن کاملProtecting Consumers in Privacy and Data Security: A Perspective of Information Economics
This note provides an economic approach to consumer privacy and data security based on the extensive economic literature on how information flows, and is used, in the marketplace. We apply that approach to consumer protection in privacy and data security, as a step toward the ultimate goal of facilitating well-grounded cost-benefit analysis of future policy and law enforcement action in this area.
متن کاملEvaluating Information Security Investments from Attackers Perspective: the Return-On-Attack (ROA)
Producing a cost-benefit analyses of security solutions has always been hard, because the benefits are difficult to assess and often only a part of the overall cost is clear. Despite this, today the provision of economic evaluations of security technology investments is a requirement that more and more customers ask vendors to satisfy. In this paper, we consider the typical calculation of a Ret...
متن کامل