共 31 条
- [31] Varian Hal., 2004, System Reliability and Free Riding, WORKSHOP ON THE ECONOMICS OF INFORMATION SECURITY
Attack-prevention and damage-control investments in cybersecurity
被引:9
作者:
Lam, Wing Man Wynne
[1
]
机构:
[1] Univ Liege ULg, HEC Management Sch, Liege Competit & Innovat Inst, Liege, Belgium
关键词:
Cybersecurity;
Investment;
Standard;
Liability;
Bilateral care;
PRODUCTS-LIABILITY;
SOFTWARE SECURITY;
ECONOMIC-ANALYSIS;
VAPORWARE;
HARM;
D O I:
10.1016/j.infoecopol.2016.10.003
中图分类号:
F [经济];
学科分类号:
02 ;
摘要:
This paper examines investments in cybersecurity made by users and software providers with a focus on the latter's concerning attack prevention and damage control. I show that full liability, whereby the provider is liable for all damage, is inefficient, owing namely to underinvestment in attack prevention and overinvestment in damage control. On the other hand, the joint use of an optimal standard, which establishes a minimum compliance framework, and partial liability can restore efficiency. Implications for cybersecurity regulation and software versioning are discussed. (C) 2016 Elsevier B.V. All rights reserved.
引用
收藏
页码:42 / 51
页数:10
相关论文