Cybersecurity and Economic Incentives

From Cybersecurity Wiki
Jump to: navigation, search

Full Title of Reference

Cybersecurity and Economic Incentives

Full Citation

OECD, Cybersecurity and Economic Incentives, in Computer Viruses and Other Malicious Software (OECD, 2009). Purchase

BibTeX

Categorization

Issues: Economics of Cybersecurity, Incentives

Key Words

malware, interdependencies

Synopsis

The past five years have witnessed the emergence of comprehensive efforts to improve the security of information systems and networks. A recent survey by the OECD (2005a) demonstrates that governments have developed national policy frameworks, as well as partnerships with the private sector and civil society, to combat cybercrime. Measures include Computer Security Incident Response Teams (CSIRTs), raising awareness, information sharing and education.

Additional Notes and Highlights

Accessible and pragmatic approach to security concerns, underlining the fact that, if the openness of the Internet makes end-points vulnerable to security threats, it is also this very openness that allows for growth in innovation and productivity, which has so far outweighed the costs associated with security risks. Comes back on earlier OECD works on security. Underlines that the current trend in research is to focus of the economic approaches to dealing with cybersecurity (rather critical of such trend). Outlines orientations for future research (fieldwork, importance of understanding the incentives of different Internet-market players).


Table of Contents

Executive Summary
Background
PART I. THE SCOPE OF MALWARE
 Chapter 1. An Overview of Malware
 Chapter 2. Malware Attacks: Why, When and How?
 Chapter 3. Malware: Why Should We Be Concerned?
PART II.THE ECONOMICS OF MALWARE
 Chapter 4. Cybersecurity and Economic Incentives
 Chapter 5. Survey of Market Participants: What Drives Their Security Decisions?
 Chapter 6. The Market Consequences of Cybersecurity: Defining Externalities and Ways to Address Them
 Chapter 7. The Role of End Users, Business and Government
 Chapter 8. What Is Already Being Done?
 Chapter 9. Possible Next Steps
Annex A. Background Data on Malware
Annex B. Research Design for Economic of Malware
Annex C. A Framework for Studying the Economics of Malware
Bibliography


Outline:

 Increased focus on incentive structures
   OECD Guidelines and the Economics of Cybersecurity
 The economic perspective
   The problem with prevailing research methods