Information sharing among firms and cyber attacks |
| |
| Authors: | Kjell Hausken |
| |
| Institution: | aFaculty of Social Sciences, University of Stavanger, N-4036 Stavanger, Norway |
| |
| Abstract: | As the Sarbanes-Oxley Act strengthens internal controls, and the government encourages information sharing, accounting gains significance through secure representation, storage, and transfer of information, and by laying the foundation for assessing costs and benefits. Information sharing and security investment for two firms are inverse U shaped in the aggregate attack, and interlinked through the interdependence and the firm’s unit cost of security investment. Both increase in the interdependence (e.g. US telecommunications industry). With given security investment, social welfare is inverse U shaped in information sharing. Individual optimization implies free riding. A social planner is introduced controlling information sharing, security investment, or both, in simultaneous and two period games. Two period games where the social planner moves first are realistic when the social planner is highly respected. For the simultaneous game, a social planner controlling information sharing (security investment) imposes unreasonably high sharing (security investment). Firms free ride in the variable they control. The social planner imposes more moderate levels in the two period games. A social planner controlling both information sharing and security investment in a two period game where the social planner moves first is the most beneficial control scenario when the firms’ defense efficiencies are high. If these are sufficiently high, the attack is deterred altogether. |
| |
| Keywords: | Cyber war Conflict Contest success function Security investment Information sharing Security breaches Interdependence Social planner Social welfare Budget control |
| 本文献已被 ScienceDirect 等数据库收录! |
|
