The Economics of Information and Human Factors in Cybersecurity

16 Pages Posted: 6 Apr 2022

See all articles by Peter J. Phillips

Peter J. Phillips

University of Southern Queensland - Faculty of Business

Gabriela Pohl

University of Southern Queensland - Faculty of Business, Education, Law and Arts

Date Written: March 23, 2022

Abstract

To design and apply effective countermeasures to hacking and related threats, it helps to have some way to structure one’s educated guesses and inferences about hackers’ current activities and future moves. This is especially the case when the decision-maker must consider not only the risk of attack but the unquantifiable risk of an attack (i.e., uncertainty). Computer science is not a decision-making framework and, while obviously necessary, is not sufficient to guide the design and implementation of effective countermeasures. We show how to use Schelling’s focal points together with Kahneman & Tversky’s reference points and related concepts from behavioural economics to complement technical innovations and improve threat detection and deterrence.

Keywords: Hackers, Focal Points, Reference Points, Unquantifiable Risk, Uncertainty

JEL Classification: K24, D90, D91, H56, C70, D81, D83

Suggested Citation

Phillips, Peter J. and Pohl, Gabriela, The Economics of Information and Human Factors in Cybersecurity (March 23, 2022). Available at SSRN: https://ssrn.com/abstract=4065094 or http://dx.doi.org/10.2139/ssrn.4065094

Peter J. Phillips (Contact Author)

University of Southern Queensland - Faculty of Business ( email )

Toowoomba 4350, Queensland
Australia

Gabriela Pohl

University of Southern Queensland - Faculty of Business, Education, Law and Arts ( email )

Toowoomba, Queensland 4350
Australia

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
120
Abstract Views
548
Rank
480,479
PlumX Metrics