Optimal investment strategy for cyber security management of small and medium-sized enterprises based on the heterogeneous perspective

被引：0

作者：

Wang R. ^{[1
]}

Xu H. ^{[1
]}

Wang Z. ^{[2
]}

Xu X. ^{[2
]}

机构：

[1] School of Finance, Hunan University of Technology and Business, Changsha

[2] School of Economics, Beijing Technology and Business University, Beijing

来源：

Xitong Gongcheng Lilun yu Shijian/System Engineering Theory and Practice | 2023年 / 43卷 / 02期

关键词：

cooperation; cyber security insurance; heterogeneity; non-cooperation; security investment; small and medium-sized enterprises;

D O I：

10.12011/SETP2022-1001

中图分类号：

学科分类号：

摘要：

The rapid development of information technology has brought complex and diverse network security problems. Now, more and more small and medium-sized enterprises, who have weak security foundation, begin to try a new security investment model combining risk management services and cyber security insurance. However, either over-investment or under-investment could result in losses of efficiency in cyber security risk management, and even unacceptable insecurity. Therefore, this paper discusses the small and medium-sized enterprises’ local optimal solutions and global optimal solutions to their multi-player games from the perspective of heterogeneity, and tries to optimize their decision-making model in cyber security investment. On one hand, the result shows that there exists optimal solution for the risk-averse enterprises to achieve optimal and stable equilibrium under non-cooperation circumstance. On the other hand, under cooperation circumstance, although the overall utility of the market would increase, each single enterprise has the motivation to break the equilibrium of cooperation because of the prisoner’s dilemma. There exists no stable equilibrium. Further, this paper studies the effects of insurance deductible and cyber security expense on the wealth utilities of uncooperative enterprises when taking the additional premium into consideration. It is proved that a reasonable level of insurance deductible could increase the enterprises’ wealth utilities. © 2023 Systems Engineering Society of China. All rights reserved.

引用

页码：398 / 420

页数：22

共 40 条

[1] Controlling increasingly complex Interlinking: Cybersecurity risk trends, Shanghai Insurance Monthly, 1, pp. 35-39, (2021)
[2] Yang N D, Wang J B, Zhang Y L, Et al., Risk propagation modeling and simulation in R&D network when considering the adaptive behaviors[J], Chinese Journal of Management Science, 28, 3, pp. 182-190, (2020)
[3] Bolot J C, Lelarge M., A new perspective on internet security using insurance[C], IEEE INFOCOM 2008 — The 27th Conference on Computer Communications, pp. 1948-1956, (2008)
[4] Khalili M M, Naghizadeh P, Liu M., Designing cyber insurance policies: The role of pre-screening and security interdependence[J], IEEE Transactions on Information Forensics and Security, 13, 9, pp. 2226-2239, (2018)
[5] Herath H S B, Herath T C., Investments in information security: A real options perspective with Bayesian postaudit[J], Journal of Management Information Systems, 25, 3, pp. 337-375, (2008)
[6] Pate-Cornell M E, Kuypers M, Smith M, Et al., Cyber risk management for critical infrastructure: A risk analysis model and three case studies[J], Risk Analysis, 38, 2, pp. 226-241, (2018)
[7] Armenia S, Angelini M, Nonino F, Et al., A dynamic simulation approach to support the evaluation of cyber risks and security investments in SMEs, Decision Support Systems, 147, (2021)
[8] Pan C X, Zhong W J, Mei S E, Et al., Enterprise network security investment strategies when facing different vulnerabilities with budget constraints[J], Journal of University of Electronic Science and Technology of China (Social Sciences Edition), 20, 4, pp. 27-34, (2018)
[9] Gordon L A, Loeb M P, Sohail T., A framework for using insurance for cyber-risk management[J], Communications of the ACM, 46, 3, pp. 81-85, (2003)
[10] Majuca R P, Yurcik W, Kesan J P., The evolution of cyber insurance, ACM Computing Research Repository, (2006)

← 1 2 3 4 →