Exploit Derivatives & National Security
31 Pages Posted: 2 May 2007 Last revised: 13 Mar 2008
Critical infrastructures remain vulnerable to cyber attack despite a raft of post-9/11 legislation focused on cyber security in critical infrastructures. An emerging discipline known as the economics of information security may provide a partial solution in the form of a hypothetical market that trades exploit derivatives, a modified futures contract tied to cyber security events. This paper argues that such a market could serve to predict and prevent cyber attacks through the operation of the efficient capital market hypothesis, but only after changes to the present regulatory environment. Specifically, I argue that a statutory safe harbor would allow the creation of a pilot market focused on vulnerabilities in Internet protocol version six, an emerging communications standard that China hopes to deploy throughout its national network before the 2008 Olympics. Indeed, such a safe harbor would align the interests of military and civilian policymakers on the common goal of protecting critical infrastructure from a computer network attack originating in China, whether instigating by the People's Liberation Army or so-called black-hat hackers.
Keywords: vulnerability trading, national security, critical infrastructure, welfare economics
Suggested Citation: Suggested Citation