Economics of Cybersecurity: Difference between revisions

From Cybersecurity Wiki
Jump to navigation Jump to search
No edit summary
No edit summary
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
''[[Table of Contents | TOC->]][[Issues | Issues->]][[Economics of Cybersecurity]]''
''[[Table of Contents | TOC->]][[Issues | Issues->]][[Economics of Cybersecurity]]''


{| class="wikitable sortable" border="1" cellpadding="1" cellspacing="0" style="border: 1px solid LightGrey;"
{{Filtered_Table||4.2,false}}
|-
! style="background-color: #efefef;" | Author 1
! style="background-color: #efefef;" | Author 2
! style="background-color: #efefef;" | Year
! style="background-color: #efefef;" | Title
! style="background-color: #efefef;" | Source
! style="background-color: #efefef;" | Expertise
! style="background-color: #efefef;" class="unsortable" | Full Text 
|-
|Anderson, Ross J.||||2008||[[Security Engineering]]||Book||Moderate:Technology; Moderate:Cryptography||N/A
|-
|Anderson, Ross, et. al|| ||2008||[[Security Economics and the Internal Market]]||Study||Low:Economics||[http://www.enisa.europa.eu/act/sr/reports/econ-sec/economics-sec/at_download/fullReport  ''Pdf'']
|-
|Anderson, Ross||||2001||[[Why Information Security is Hard]]||Conf. Paper||None||[http://www.acsac.org/2001/papers/110.pdf ''Pdf''] [http://www.cl.cam.ac.uk/~rja14/Papers/econ.pdf ''AltPdf'']
|-
|Anderson, Ross||Moore, Tyler||2006||[[The Economics of Information Security]]||Journal Article||Low:Economics||[http://people.seas.harvard.edu/~tmoore/science-econ.pdf ''Pdf''] [http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.89.3331&rep=rep1&type=pdf ''AltPdf'']
|-
|Arora et al.||||2006||[[Does Information Security Attack Frequency Increase With Vulnerability Disclosure]]||Journal Article||Moderate:Economics||[http://www.heinz.cmu.edu/~rtelang/vuln_freq_ISF.pdf ''Pdf'']
|-
|Aviram, Amitai||Tor, Avishalom||2004||[[Overcoming Impediments to Information Sharing]]||Law Review||Low:Economics||[http://law.haifa.ac.il/faculty/lec_papers/tor/55Ala1.L.Rev.231.pdf ''Pdf''] [http://papers.ssrn.com/sol3/papers.cfm?abstract_id=435600 ''SSRN'']
|-
|Bohme, Rainer||||2005||[[Cyber-Insurance Revisited]]||Conf. Paper||High:Economics||[http://infosecon.net/workshop/pdf/15.pdf ''Pdf'']
|-
|Bohme, Rainer||Kataria, Gaurav||2006||[[Models and Measures for Correlation in Cyber-Insurance]]||Conf. Paper||High:Economics||[http://weis2006.econinfosec.org/docs/16.pdf ''Pdf'']
|-
|Bohme, Rainer||Schwartz, Galina||2010||[[Modeling Cyber-Insurance]]||Conf. Paper||High:Economics||[http://www1.inf.tu-dresden.de/~rb21/publications/BS2010_Modeling_Cyber-Insurance_WEIS.pdf ''Pdf'']
|-
|Camp, L. Jean||Lewis, Stephen||2004||[[Economics of Information Security]]||Book||High:Economics||N/A
|-
|Camp, L. Jean||Wolfram, Catherine||2004||[[Pricing Security]]||Book Chapter||Low:Economics||[http://books.google.com/books?id=PbzP9tgeDcAC&lpg=PA17&ots=8AOrvEojH5&dq=Economics%20of%20Information%20Security&lr&pg=PA17#v=onepage&q&f=false ''Web''] [http://papers.ssrn.com/sol3/papers.cfm?abstract_id=894966 ''SSRN'']
|-
|Clinton, Larry||||Undated||[[Cyber-Insurance Metrics and Impact on Cyber-Security]]||Online Paper||Low:Technology; Low:Law||[http://www.whitehouse.gov/files/documents/cyber/ISA%20-%20Cyber-Insurance%20Metrics%20and%20Impact%20on%20Cyber-Security.pdf  ''Pdf'']
|-
|Computer Economics, Inc.||||2007||[[2007 Malware Report]]||Industry Report||None||[http://www.computereconomics.com/article.cfm?id=1224 ''Purchase'']
|-
|Computing Research Association||||2003||[[Four Grand Challenges in Trustworthy Computing]]||Independent Report||None||[http://www.cyber.st.dhs.gov/docs/CRA%20Grand%20Challenges%202003.pdf ''Pdf'']
|-
|Department of Defense||||2007||[[Mission Impact of Foreign Influence on DoD Software]]||Government Report||Low:Defense Policy/Procurement||[http://www.cyber.st.dhs.gov/docs/Defense%20Science%20Board%20Task%20Force%20-%20Report%20on%20Mission%20Impact%20of%20Foreign%20Influence%20on%20DoD%20Software%20(2007).pdf  ''Pdf'']
|-
|Financial Services Sector Coordinating Council for Critical Infrastructure Protection||||2008||[[Research Agenda for the Banking and Finance Sector]]||Independent Report||None||[http://www.cyber.st.dhs.gov/docs/RD_Agenda-FINAL.pdf ''Pdf'']
|-
|Franklin, Jason, et. al||||2007||[[An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants]]||Conf. Paper||Low:Statistics; Low:Economics||[http://sparrow.ece.cmu.edu/group/pub/franklin_paxson_perrig_savage_miscreants.pdf ''Pdf''] [http://www.cs.cmu.edu/~jfrankli/acmccs07/ccs07_franklin_eCrime.pdf  ''Alt Pdf'']
|-
|Gandal, Neil||||2008||[[An Introduction to Key Themes in the Economics of Cyber Security]]||Book Chapter||Low:Economics||[http://www.tau.ac.il/~gandal/security%20encyclopedia%20entry.pdf ''Pdf'']
|-
|Grady, Mark F.||Parisi, Francesco||2006||[[The Law and Economics of Cybersecurity]]||Book||Low:Economics; Low:Law||N/A
|-
|Granick, Jennifer Stisa||||2005||[[The Price of Restricting Vulnerability Publications]]||Law Review||Low/Moderate:Law||[http://www.ijclp.net/files/ijclp_web-doc_10-cy-2004.pdf  ''Pdf'']
|-
|Institute for Information Infrastructure Protection||||2003||[[Cyber Security Research and Development Agenda]]||Independent Report||Low/None:Technology||[http://www.cyber.st.dhs.gov/docs/I3P%20Research%20Agenda%202003.pdf ''Pdf'']
|-
|Johnson, Eric M.||||2008||[[Managing Information Risk and the Economics of Security]]||Book||High:Economics||N/A
|-
|Johnson, Vincent R.||||2005||[[Cybersecurity, Identity Theft, and the Limits of Tort Liability]]||Law Review||Moderate:Law||[http://www.stmarytx.edu/law/pdf/Johnsoncyber.pdf ''Pdf''] [http://law.bepress.com/cgi/viewcontent.cgi?article=3530&context=expresso ''AltPdf'']
|-
|Kobayashi, Bruce H.|| ||2006||[[An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and Other Public Security Goods]]||Journal Article ||High:Economics||[http://www.law.gmu.edu/assets/files/publications/working_papers/05-11.pdf ''Pdf'']
|-
|Lernard, Thomas M.||Rubin, Paul H.||2005||[[An Economic Analysis of Notification Requirements for Data Security Breaches]]||Online Paper||Low:Economics||[http://www.pff.org/issues-pubs/pops/pop12.12datasecurity.pdf ''Pdf'']
|-
|Moore, Tyler, et. al||||2009||[[The Economics of Online Crime]]||Journal Article||Low:Technology||[http://people.seas.harvard.edu/~tmoore/jep09.pdf  ''Pdf'']
|-
|Moore, Tyler||Clayton, Richard||2009||[[The Impact of Incentives on Notice and Take-down]]||Book Chapter||Moderate:Technology; Low:Law||[http://weis2008.econinfosec.org/papers/MooreImpact.pdf  ''Pdf'']
|-
|National Cyber Defense Initiative||||2009||[[National Cyber Defense Financial Services Workshop Report]]||Independent Report||Moderate:Financial Services Infrastructure; Moderate:Acronym Tolerance||[http://www.cyber.st.dhs.gov/docs/NCDI_FI_Workshop_Report.pdf ''Pdf'']
|-
|National Institute of Standards and Technology||||2006||[[SP 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security]]||Government Report||Moderate:Technology||[http://www.cyber.st.dhs.gov/docs/NIST%20Guide%20to%20Supervisory%20and%20Data%20Acquisition-SCADA%20and%20Industrial%20Control%20Systems%20Security%20(2007).pdf ''Pdf'']
|-
|National Research Council||||2007||[[Toward a Safer and More Secure Cyberspace]]||Independent Report||Low:Research Processes; Low:Technology||[http://www.cyber.st.dhs.gov/docs/Toward_a_Safer_and_More_Secure_Cyberspace-Full_report.pdf ''Pdf'']
|-
|National Research Council||||1999||[[Trust in Cyberspace]]||Independent Report||Moderate:Technology||[http://www.cyber.st.dhs.gov/docs/Trust%20in%20Cyberspace%20Report%201999.pdf ''Pdf'']
|-
|Networking and Information Technology Research and Development||||2009||[[National Cyber Leap Year Summit 2009, Co-Chairs' Report]]||Government Report||Low:Technology||[http://www.cyber.st.dhs.gov/docs/National_Cyber_Leap_Year_Summit_2009_Co-Chairs_Report.pdf ''Pdf'']
|-
|Powell, Benjamin||||2005||[[Is Cybersecurity a Public Good]]||Law Review||Low/Moderate:Economics||[http://www.independent.org/pdf/working_papers/57_cyber.pdf  ''Pdf''] [http://www.ciaonet.org/wps/pob03/pob03.pdf ''AltPdf'']
|-
|President's Information Technology Advisory Council||||2005||[[Cyber Security: A Crisis of Prioritization]]||Government Report||None||[http://www.cyber.st.dhs.gov/docs/PITAC%20Report%202005.pdf ''Pdf'']
|-
|Romanosky et al.||||2008||[[Do Data Breach Disclosure Laws Reduce Identity Theft]]||Conf. Paper||Moderate:Economics||[http://weis2008.econinfosec.org/papers/Romanosky.pdf ''Pdf'']
|-
|Schneier, Bruce||||2003||[[Beyond Fear]]||Book||None||[http://www.scribd.com/doc/12185921/beyond-fear-thinking-sensibly-about-security-in-an-uncertain-world-bruce-schneier-copernicus-books-2003 ''Scribd'']
|-
|Schneier, Bruce||||2008||[[Schneier on Security]]||Book||None||[http://www.schneier.com/book-sos.html ''Purchase'']
|-
|Schwartz, Paul||Janger, Edward||2007||[[Notification of Data Security Breaches]]||Law Review||Low:Law; Low:Economics||[http://www.michiganlawreview.org/assets/pdfs/105/5/schwartz.pdf ''Pdf'']
|-
|Stohl, Michael||||2006||[[Cyber Terrorism]]||Journal Article||None||[http://www.ingentaconnect.com/content/klu/cris/2006/00000046/F0020004/00009061 ''Purchase'']
|-
|Swire, Peter P.||||2004||[[A Model for When Disclosure Helps Security]]||Law Review||Low/Moderate:Logic||[http://www.rootsecure.net/content/downloads/pdf/disclosure_helps_security.pdf ''Pdf''][http://papers.ssrn.com/sol3/papers.cfm?abstract_id=531782 ''SSRN'']
|-
|Swire, Peter P.||||2006||[[A Theory of Disclosure for Security and Competitive Reasons]]||Law Review||Low/Moderate:Logic||[http://papers.ssrn.com/sol3/papers.cfm?abstract_id=842228 ''SSRN'']
|-
|Symantec Corporation||||2010||[[Symantec Global Internet Security Threat Report]]||Industry Report||Low/Moderate:Technology||[http://www4.symantec.com/Vrt/wl?tu_id=SUKX1271711282503126202 ''Pdf'']
|-
|Telang, Rahul||Wattal, Sunil||2007||[[Impact of Software Vulnerability Announcements on the Market Value of Software Vendors]]||Journal Article||Moderate:Economics||[http://infosecon.net/workshop/pdf/telang_wattal.pdf  ''Pdf'']
|-
|Thomas, Rob||Martin, Jerry||2006||[[The Underground Economy]]||Journal Article||Low:Technology||[http://www.usenix.org/publications/login/2006-12/openpdfs/cymru.pdf ''Pdf'']
|-
|United States Secret Service||||2004||[[Insider Threat Study]]||Government Report||None||[http://www.cyber.st.dhs.gov/docs/its_report_040820.pdf ''Pdf'']
|-
|van Eeten, Michel J. G.||Bauer, Johannes M.||2008||[[Economics of Malware]]||Non-US Govt. Report||Moderate:Economics||[http://www.oecd.org/dataoecd/53/17/40722462.pdf ''Pdf'']
|-
|Varian, Hal||||2000||[[Managing Online Security Risks]]||Newspaper Article||None||[http://people.ischool.berkeley.edu/~hal/people/hal/NYTimes/2000-06-01.html ''Web'']
|-
|Varian, Hal||||2004||[[System Reliability and Free Riding]]||Book Chapter||High:Economics||[http://www.sims.berkeley.edu/resources/affiliates/workshops/econsecurity/econws/48-old.pdf ''Pdf'']  [http://people.ischool.berkeley.edu/~hal/Papers/2004/reliability  ''AltPdf'']
|-
|Verizon||||2010||[[2010 Data Breach Investigations Report]]||Industry Report||Low:Technology||[http://www.verizonbusiness.com/resources/reports/rp_2010-data-breach-report_en_xg.pdf ''Pdf'']
|}


'''''Subcategories:'''''
*''[[Economics of Cybersecurity | Economics of Cybersecurity->]][[Risk Management and Investment]]''
*''[[Economics of Cybersecurity | Economics of Cybersecurity->]][[Incentives]]''
*''[[Economics of Cybersecurity | Economics of Cybersecurity->]][[Insurance]]''
*''[[Economics of Cybersecurity | Economics of Cybersecurity->]][[Behavioral Economics]]''
*''[[Economics of Cybersecurity | Economics of Cybersecurity->]][[Market Failure]]''


''[[Table of Contents| Jump to Table of Contents]]''
''[[Table of Contents| Jump to Table of Contents]]''

Latest revision as of 16:41, 7 August 2012

TOC-> Issues->Economics of Cybersecurity

Types
U.S. Government Report
U.S. Government Hearing
Non-U.S. Government Report
Independent Report
Industry Report
Book
Journal Article
Article
Categories
Exclude Subcatgeories
Search
Help


Jump to Table of Contents

Retrieved from "http://cyber.harvard.edu/cybersecurity/?title=Economics_of_Cybersecurity&oldid=6732"