Add to ORKGThis paper develops a theory of sequential investments in cybersecurity in which the software vendor can invest ex ante and ex post. The regulator can use safety standards and liability rules as means of increasing security. A standard is a minimum level of safety, and a liability rule states the amount of damage each party is liable for. I show that the joint use of an optimal standard and a full liability rule leads to underinvestment ex ante and overinvestment ex post because the software vendor does not suffer the full costs of the society in case of security failure. Instead, switching to a partial liability rule can correct the inefficiencies. This suggests that to improve security, the regulator should encourage not only the firms, b...
The economics of information security has recently become a thriving and fast-moving discipline. Sys...
Risk transfer plays an increasing role in information security risk management as organisations purc...
With the continuing growth of the use of the Internet for business purposes, the consequences of a p...
This paper develops a theory of sequential investments in cybersecurity in which the software vendor...
This paper examines investments in cybersecurity made by users and software providers with a focus o...
This paper studies investment in cybersecurity, where both the software vendor and the consumers can...
This paper studies investment in cybersecurity, where both the software vendor and the consumers can...
The interdependency of information security risks often induces firms to invest inefficiently in inf...
Cybersecurity has become a key factor that determines the success or failure of companies that rely ...
The abundance of flawed software has been identified as the main cause of the poor security of compu...
The interdependency of information security risks poses a significant challenge for firms to manage ...
Economic agents make rational cybersecurity investment decisions considering the costs and the benef...
Cyberattacks are a pervasive threat in the digital economy, with the potential to harm rms and their...
Digitalisation has tremendous benefits while simultaneously elevating cybersecurity to a prominent t...
Various common provisions in software end user license agreements undermine cyber security. These in...
The economics of information security has recently become a thriving and fast-moving discipline. Sys...
Risk transfer plays an increasing role in information security risk management as organisations purc...
With the continuing growth of the use of the Internet for business purposes, the consequences of a p...
This paper develops a theory of sequential investments in cybersecurity in which the software vendor...
This paper examines investments in cybersecurity made by users and software providers with a focus o...
This paper studies investment in cybersecurity, where both the software vendor and the consumers can...
This paper studies investment in cybersecurity, where both the software vendor and the consumers can...
The interdependency of information security risks often induces firms to invest inefficiently in inf...
Cybersecurity has become a key factor that determines the success or failure of companies that rely ...
The abundance of flawed software has been identified as the main cause of the poor security of compu...
The interdependency of information security risks poses a significant challenge for firms to manage ...
Economic agents make rational cybersecurity investment decisions considering the costs and the benef...
Cyberattacks are a pervasive threat in the digital economy, with the potential to harm rms and their...
Digitalisation has tremendous benefits while simultaneously elevating cybersecurity to a prominent t...
Various common provisions in software end user license agreements undermine cyber security. These in...
The economics of information security has recently become a thriving and fast-moving discipline. Sys...
Risk transfer plays an increasing role in information security risk management as organisations purc...
With the continuing growth of the use of the Internet for business purposes, the consequences of a p...