Economics of Security Patch Management
نویسندگان
چکیده
Patch management is a crucial component of IT security programs. An important problem within this context is to determine how often to update the systems with necessary patches. Keeping the systems patched with more frequent patch updates increases operational costs while reducing security risks. On the other hand, leaving the systems unpatched with less frequent patch updates decreases operational costs while increasing security risks. In this paper we develop a game theoretic model to derive the optimal frequency of patch updates to balance the operational costs and damage costs associated with security vulnerabilities. We first analyze a centralized system in a benchmark case to find the socially optimal patch management policy and associated patch release cycle of the vendor and patch update cycle of the firm. Then we consider a noncentralized system in which the vendor determines its patch release policy and the firm selects its patch update policy in a Stackelberg framework. Given the results in centralized and noncentralized patch management, we next address how we can coordinate the patch release policy of the vendor and the patch update policy of the firm using cost sharing and/or liability to achieve the socially optimal patch management in a noncentralized setting.
منابع مشابه
Factors Affecting Planned Human Resource Development in the Iranian Social Security Organization’s Hospitals
Planned Human Resource Development is critical to educating a skilled and efficient workforce. The present study aimed at identifying the main factors of planned human resource development in Iranian Social Security Organization Hospitals. The study is done through analysis of a questionnaire designed after identification of the main variables. Iran Social Security Organisation hospitals (the m...
متن کاملIMPACT OF WOMEN EMPOWERMENT ON FOOD SECURITY AMONG RURAL HOUSEHOLDS IN KWARA STATE, NIGERIA
The study investigated the impact of women empowerment on food security in Kwara State, Nigeria. Specifically, the study assessed the levels of food security and women empowerment in the study area as well as examined the relationship between both. Also, constraints on women empowerment in the study area were identified. An interview schedule was used to elicit data from 150 rural households ac...
متن کاملFood Security and Economic Growth
T his study aimed to examine the relationship between food security, health and economic growth. These three components together form the vertices of a triangle. How much does food security strategies in a country bring more health to its people? Is the healthy population richer? What is the impact of health on income, and to what extent are income variation am...
متن کاملA Dynamic analysis of Health care supply and demand management: A Case Study Hospitals of Social Security Organization
Background: The outlook for hospital care is changing rapidly. Supply and demand stimuli in the health service system are changing dramatically. The health department of the Social Security Administration has also been challenged by the growing number of patients. This study was conducted to help this organization with the aim of designing a conceptual causal model of the interaction between su...
متن کاملFactors Affecting Customer Orientation in Iranian Hospitals
Customer orientation is one of the new approaches which is recently considered by the Iranian Healthcare Centers. The present study aims to identify the main factors of customer orientation in Iranian hospitals. The study is done through analysis of a questionnaire designed after recognition of the main variables. Iranian Social Security Organization Hospitals (the major governmental health ins...
متن کامل