4.5 Article

A game-theoretical model of firm security reactions responding to a strategic hacker in a competitive industry

Journal

JOURNAL OF THE OPERATIONAL RESEARCH SOCIETY
Volume 73, Issue 4, Pages 716-740

Publisher

TAYLOR & FRANCIS LTD
DOI: 10.1080/01605682.2020.1854631

Keywords

Strategic hacker; competitive firm; industry characteristics; similarity of security technologies; decision analysis

Funding

  1. National Natural Science Foundation of China [71801035, 71872037, 71901058, 71832001, 71801071]
  2. Fundamental Research Funds for the Central Universities [2232018H-07]


The study suggests that companies should consider reforming their business mode to reduce vulnerability rather than heavily investing in security protection. Different intentions of hackers lead to different behaviors; continuing effort is still a better strategy for companies even in intense competition. The technical similarity encourages hackers to attack while causing a free-riding problem for competitive firms.
The tendency of strategic hackers to attack specific industries brings new challenges for information security management. This paper examines the interaction between firms in a specific industry and a strategic hacker by considering industry-specific characteristics, including the intrinsic vulnerability, the intentions of the hacker, competition between firms, and the similarity of security technologies. We find that firms in an overly dangerous industry should consider reforming their business mode to reduce the intrinsic vulnerability rather than investing heavily in security protection. Moreover, we distinguish between profit-seeking and fame-seeking hackers and find that different intentions generate different hacker behaviour. Furthermore, continuing to exert effort is still a better strategy for the firms when the competition becomes more intense, even if the threat of the hacker reduces. In addition, technical similarity enhances the hacker's incentive to exert attack effort while inducing a free-riding problem for competitive firms. Accordingly, we introduce a social planner to regulate the security decisions of competitive firms, and identify that the supervision of a social planner could partly alleviate the free-riding behaviour, but will only be accepted by competitive firms when they face a less competitive or a highly competitive environment. Our results imply that introducing a social planner to enforce security protection may not be advisable for all industries. Finally, we extend our model to discuss two additional cases: the case of a sequential game and the case of asymmetric conditions.
