☆ 4.5 Article

Information sharing and security investment for substitutable firms: A game-theoretic analysis

JOURNAL OF THE OPERATIONAL RESEARCH SOCIETY (2023)

相关参考文献

注意：仅列出部分参考文献，下载原文获取全部文献信息。

Article Operations Research & Management Science

A Tullock-contest-based approach for cyber security investments

David Iliaev et al.

Summary: This article studies a cyber security game between a defender and an attacker, where they choose how to allocate resources for attacking or defending information assets. The probability of a successful attack depends on the investments made by the attacker and defender. The article compares sequential and simultaneous game scenarios, analyzing the players' strategies and equilibria. It provides an upper bound on the reduction in defender's costs achieved by transitioning from a simultaneous to a sequential game.

ANNALS OF OPERATIONS RESEARCH (2023)

添加到收藏夹

Review Economics

Cybersecurity For Defense Economists

Daniel Arce

Summary: This study examines the importance of cybersecurity in national security and explores the intersection between cybersecurity and defense economics. By utilizing theoretical tools such as microeconomics and game theory, researchers are able to analyze common phenomena and problems in both fields, such as public goods, externalities, and interdependent security. Additionally, the study covers topics including cyber war, cyberterrorism, and deterrence.

DEFENCE AND PEACE ECONOMICS (2023)

添加到收藏夹

Review Economics

Dangerous games: A literature review on cybersecurity investments

Alessandro Fedele et al.

Summary: This paper surveys theoretical literature on firms' incentives to invest in cybersecurity, distinguishing between studies on isolated firms and interdependent firms. A model is developed to discuss the main findings of investments in cybersecurity, and promising avenues for future research and policy implications are discussed.

JOURNAL OF ECONOMIC SURVEYS (2022)

添加到收藏夹

Article Economics

An evolutionary game-theoretic analysis of enterprise information security investment based on information sharing platform

Xiaotong Li

Summary: The paper uses evolutionary game theory to analyze the evolution of information sharing and its influencing factors in information security sharing platforms, providing suggestions to promote the efficiency of platform information sharing.

MANAGERIAL AND DECISION ECONOMICS (2022)

添加到收藏夹

Article Computer Science, Information Systems

Expanding the Gordon-Loeb model to cyber-insurance

Henry R. K. Skeoch

Summary: An economic model for decisions on competing cyber-security and cyberinsurance investment based on the Gordon-Loeb model is presented, finding that purchasing insurance and investing in security to maximize utility is worthwhile when the insurance premium is below a certain value. This model integrates the Gordon-Loeb model into a classical microeconomic analysis of insurance.

COMPUTERS & SECURITY (2022)

添加到收藏夹

Article Engineering, Industrial

New challenges in supply chain management: cybersecurity across the supply chain

Steven A. Melnyk et al.

Summary: Recent cybersecurity breaches have emphasized the impact of cybersecurity on the economy, politics, and society, making it a supply chain issue. There is currently a lack of clarity and gaps in the knowledge base regarding cybersecurity across the supply chain, highlighting the need for further research in this area.

INTERNATIONAL JOURNAL OF PRODUCTION RESEARCH (2022)

添加到收藏夹

Article Management

A game-theoretical model of firm security reactions responding to a strategic hacker in a competitive industry

Yong Wu et al.

Summary: The study suggests that companies should consider reforming their business mode to reduce vulnerability rather than heavily investing in security protection. Different intentions of hackers lead to different behaviors; continuing effort is still a better strategy for companies even in intense competition. The technical similarity encourages hackers to attack while causing a free-riding problem for competitive firms.

JOURNAL OF THE OPERATIONAL RESEARCH SOCIETY (2022)

添加到收藏夹

Article Engineering, Manufacturing

E-commerce supply chains with considerations of cyber-security: Should governments play a role?

Suyuan Luo et al.

Summary: This paper analyzes the cyber-security issues in e-commerce supply chains and explores whether governments should impose penalty schemes. The findings suggest that implementing penalty schemes can be beneficial to social welfare when the government values consumer surplus. The study also reveals that the benefit-to-cost ratio of security enhancing technologies is a critical factor in determining the optimal penalty level. One important insight is that government penalty schemes on cyber-security may do more harm than good, but if implemented, the government should impose the heaviest possible fine.

PRODUCTION AND OPERATIONS MANAGEMENT (2022)

添加到收藏夹

Article Engineering, Industrial

Balancing cybersecurity in a supply chain under direct and indirect cyber risks

Tadeusz Sawik

Summary: This paper presents a stochastic programming formulation for optimizing cybersecurity investments in a multi-tier supply chain. The study uses an integrated modelling approach and provides insights into decision-making based on computational study results.

INTERNATIONAL JOURNAL OF PRODUCTION RESEARCH (2022)

添加到收藏夹

Article Public, Environmental & Occupational Health

The Work-Averse Cyberattacker Model: Theory and Evidence from Two Million Attack Signatures

Luca Allodi et al.

Summary: This study introduces a new attacker model based on dynamic optimization and suggests that high initial development costs lead attackers to delay exploiting vulnerabilities. The research predicts that mass attackers prefer to exploit only one vulnerability per software version and are slow in weaponizing new vulnerabilities.

RISK ANALYSIS (2022)

添加到收藏夹

Article Economics

Information security investment and purchase decision for personalized products

Lu Xu et al.

Summary: This paper investigates the optimal information security investments and purchasing decisions of consumers with different privacy concerns in online personalization. The study reveals that consumers and firms often face a prisoner's dilemma in Nash equilibrium. The proposed solutions, such as a firm-led Stackelberg game with punishment mechanism, can effectively increase consumers' willingness to purchase personalized products and improve security investment efficiency.

MANAGERIAL AND DECISION ECONOMICS (2022)

添加到收藏夹

Article Management

Information Security Strategies for Information-Sharing Firms Considering a Strategic Hacker

Yong Wu et al.

Summary: This paper examines the benefits and risks of business information sharing and its impact on security efforts against strategic hackers. It shows that security investment and security knowledge sharing are strategic substitutes when the degree of business sharing is low and strategic complements otherwise. The study also explores the behavior of the strategic hacker and proposes coordination mechanisms to reach socially optimal security levels. The paper provides insights for managers in making security decisions.

DECISION ANALYSIS (2022)

添加到收藏夹

Article Computer Science, Hardware & Architecture

Cybersecurity strategy under uncertainties for an IoE environment

Samira Bokhari et al.

Summary: The principal objective of this research is to provide a cybersecurity strategy that considers all types of attacks that can affect an IoE environment while respecting the specified budget. A financial approach based on portfolio management is exploited to select a portfolio of security controls that minimize costs and maximize security. The study shows that the proposed iterative method outperforms the Non-dominated Sorting Genetic Algorithm (NSGA-II) in efficiency and can provide good results for different problem sizes while respecting constraints.

JOURNAL OF NETWORK AND COMPUTER APPLICATIONS (2022)

添加到收藏夹

Review Computer Science, Information Systems

Exploring Incentives and Challenges for Cybersecurity Intelligence Sharing (CIS) across Organizations: A Systematic Review

Farzan Kolini et al.

Summary: Cybersecurity intelligence sharing plays a significant role in protecting critical information assets, managing cybersecurity risks, and improving cybersecurity operations. Through a structured literature review, this study examines the incentives and challenges influencing organizations' adoption of cybersecurity intelligence sharing practices. The authors propose a theoretical framework and provide insights for future studies, as well as developing a holistic definition of cybersecurity intelligence. The research identifies factors categorized under the TOE framework and offers a reference CIS framework for IS scholars.

COMMUNICATIONS OF THE ASSOCIATION FOR INFORMATION SYSTEMS (2022)

添加到收藏夹

Article Computer Science, Information Systems

Interdependency Analysis in Security Investment against Strategic Attacks

Mansooreh Ezhei et al.

INFORMATION SYSTEMS FRONTIERS (2020)

添加到收藏夹

Article Management

Optimal policies for information sharing in information system security

Senay Solak et al.

EUROPEAN JOURNAL OF OPERATIONAL RESEARCH (2020)

添加到收藏夹

Article Management

Managing Security Outsourcing in the Presence of Strategic Hackers

Yong Wu et al.

DECISION ANALYSIS (2020)

添加到收藏夹

Article Public, Environmental & Occupational Health

A Study on a Sequential One-Defender-N-Attacker Game

Zhiheng Xu et al.

RISK ANALYSIS (2019)

添加到收藏夹

Article Computer Science, Hardware & Architecture

Establishing evolutionary game models for CYBer security information EXchange (CYBEX)

Deepak Tosh et al.

JOURNAL OF COMPUTER AND SYSTEM SCIENCES (2018)

添加到收藏夹

Article Management

Comparison of information security decisions under different security and business environments

Yong Wu et al.

JOURNAL OF THE OPERATIONAL RESEARCH SOCIETY (2018)

添加到收藏夹

Article Public, Environmental & Occupational Health

Deterrence and Risk Preferences in Sequential Attacker-Defender Games with Continuous Efforts

Vineet M. Payyappalli et al.

RISK ANALYSIS (2017)

添加到收藏夹

Article Computer Science, Interdisciplinary Applications

Decisions making in information security outsourcing: Impact of complementary and substitutable firms

Yong Wu et al.

COMPUTERS & INDUSTRIAL ENGINEERING (2017)

添加到收藏夹

Article Engineering, Industrial

A differential game approach to security investment and information sharing in a competitive environment

Xing Gao et al.

IIE TRANSACTIONS (2016)

添加到收藏夹

Article Management

Economic and Policy Implications of Restricted Patch Distribution

Karthik Kannan et al.

MANAGEMENT SCIENCE (2016)

添加到收藏夹

Article Information Science & Library Science

Economic incentives in security information sharing: the effects of market structures

Xing Gao et al.

INFORMATION TECHNOLOGY & MANAGEMENT (2016)

添加到收藏夹

Article Management

On the value of exposure and secrecy of defense system: First-mover advantage vs. robustness

Mohammad E. Nikoofal et al.

EUROPEAN JOURNAL OF OPERATIONAL RESEARCH (2015)

添加到收藏夹

Article Computer Science, Artificial Intelligence

Game of information security investment: Impact of attack types and network vulnerability

Yong Wu et al.

EXPERT SYSTEMS WITH APPLICATIONS (2015)

添加到收藏夹

Article Computer Science, Information Systems

Security investment and information sharing under an alternative security breach probability function

Xing Gao et al.

INFORMATION SYSTEMS FRONTIERS (2015)

添加到收藏夹

Article Business, Finance

The impact of information sharing on cybersecurity underinvestment: A real options perspective

Lawrence A. Gordon et al.

JOURNAL OF ACCOUNTING AND PUBLIC POLICY (2015)

添加到收藏夹

Article Management

A game-theoretic analysis of information sharing and security investment for complementary firms

Xing Gao et al.

JOURNAL OF THE OPERATIONAL RESEARCH SOCIETY (2014)

添加到收藏夹

Article Operations Research & Management Science

A differential game approach to information security investment under hackers' knowledge dissemination

Xing Gao et al.

OPERATIONS RESEARCH LETTERS (2013)

添加到收藏夹

Article Management

Information Security Investment When Hackers Disseminate Knowledge

Xing Gao et al.

DECISION ANALYSIS (2013)

添加到收藏夹

Article Computer Science, Artificial Intelligence

Knowledge sharing and investment decisions in information security

Dengpan Liu et al.

DECISION SUPPORT SYSTEMS (2011)

添加到收藏夹

Article Management

Defending against multiple different attackers

Kjell Hausken et al.

EUROPEAN JOURNAL OF OPERATIONAL RESEARCH (2011)

添加到收藏夹

Article Public, Environmental & Occupational Health

Resource Distribution in Multiple Attacks Against a Single Target

Gregory Levitin et al.

RISK ANALYSIS (2010)

添加到收藏夹

Article Computer Science, Information Systems

Risks and Benefits of Signaling Information System Characteristics to Strategic Attackers

Marco Cremonini et al.

JOURNAL OF MANAGEMENT INFORMATION SYSTEMS (2009)

添加到收藏夹

Article Economics

Whether to attack a terrorist's resource stock today or tomorrow

Kiell Hausken

GAMES AND ECONOMIC BEHAVIOR (2008)

添加到收藏夹

Article Management

Balancing terrorism and natural disasters - Defensive strategy with endogenous attacker effort

Jun Zhuang et al.

OPERATIONS RESEARCH (2007)

添加到收藏夹

Article Computer Science, Information Systems

Economic aspects of information security: An emerging field of research

Lawrence A. Gordon et al.

INFORMATION SYSTEMS FRONTIERS (2006)

添加到收藏夹

Article Information Science & Library Science

The economic incentives for sharing security information

E Gal-Or et al.

INFORMATION SYSTEMS RESEARCH (2005)

添加到收藏夹

Article Information Science & Library Science

An integrative study of information systems security effectiveness

A Kankanhalli et al.

INTERNATIONAL JOURNAL OF INFORMATION MANAGEMENT (2003)

添加到收藏夹

Article Business, Finance

Interdependent security

H Kunreuther et al.

JOURNAL OF RISK AND UNCERTAINTY (2003)

添加到收藏夹

© Peeref 2019-2024. All rights reserved.