Securing Cyberspace: Realigning Economic Incentives in the ICT Value Net
32 Pages Posted: 13 Aug 2009
Date Written: August 11, 2009
Abstract
With growing reliance on information services, cybersecurity has become a pressing issue. Providing and maintaining a desirable level of information security is complicated by the global nature of the problem and the interdependence between the diversity and heterogeneity of players. Security decisions are afflicted with positive and negative externalities so that decentralized decisions may result in suboptimal outcomes. The paper examines the incentives of criminals to undermine security and those of service providers and users to enhance it. Based on in-depth interviews with more than 40 market players in six countries, the paper finds that each player operates under both security-enhancing and security-reducing incentives. The market system often generates incentives that move decentralized decisions closer to a social optimum but voluntary or government-led collective measures will be required to overcome some of the externality problems.
Keywords: Cybersecurity, cybercrime, security incentives, externalities, information security policy, regulation
JEL Classification: L86, L88, L96, H4
Suggested Citation: Suggested Citation