Difference between revisions of "Security Economics and the Internal Market"

From Cybersecurity Wiki
Jump to navigation Jump to search
Line 3: Line 3:
==Full Citation==
==Full Citation==
''Bluebook Style''
Ross Anderson, Rainer Bohme, Richard Clayton, Tyler Moore, ''Security Economics and the Internal Market'' (2008).  [http://www.enisa.europa.eu/act/sr/reports/econ-sec/economics-sec/at_download/fullReport  ''Web'']
Article in Journal: John Maynard Smith, ''The Origin of Altruism,'' 639 Nature 393 (1998).  [http://www.enisa.europa.eu/act/sr/reports/econ-sec/economics-sec/at_download/fullReport  ''Web'']
[http://cyber.law.harvard.edu/cybersecurity/?title=Special:Bibliography&view=detailed&startkey=Anderson_et_al:2008&f=wikibiblio.bib ''BibTeX'']
[http://cyber.law.harvard.edu/cybersecurity/?title=Special:Bibliography&view=detailed&startkey=Anderson_et_al:2008&f=wikibiblio.bib ''BibTeX'']

Revision as of 11:53, 28 May 2010

Security Economics and the Internal Market

Full Citation

Ross Anderson, Rainer Bohme, Richard Clayton, Tyler Moore, Security Economics and the Internal Market (2008). Web



Issues: Economics of Cybersecurity

Key Words

See the article itself for any key words as a starting point


Network and information security are of significant and growing economic importance. The direct cost to Europe of protective measures and electronic fraud is measured in billions of euros; and growing public concerns about information security hinder the development of both markets and public services, giving rise to even greater indirect costs. For example, while writing this report, the UK government confessed to the loss of child-benefit records affecting 25 million citizens. Further revelations about losses of electronic medical information and of data on children have called into question plans for the development of e-health and other systems. Information security is now a mainstream political issue, and can no longer be considered the sole purview of technologists. Fortunately, information security economics has recently become a live research topic: as well as collecting data on what fails and how, security economists have discovered that systems often fail not for some technical reason, but because the incentives were wrong. An appropriate regulatory framework is just as important for protecting economic and other activity online as it is offline. This report sets out to draw, from both economic principles and empirical data, a set of recommendations about what information security issues should be handled at the Member State level and what issues may require harmonisation – or at least coordination. In the report, fifteen key policy proposals are made. A consultative meeting was held in December 2007 which established that almost all of these proposals had wide stakeholder support and provide a basis for future action by ENISA and the European Commission.

Additional Notes and Highlights

* Outline key points of interest