Investments and trade-offs in the economics of information security

Christos Ioannidis, David Pym, J Williams

Research output: Chapter in Book/Report/Conference proceedingConference contribution

20 Citations (Scopus)

Abstract

We develop and simulate a dynamic model of investment in information security. The model is based oil the recognition that both IT managers and users appreciate the trade-off between two of the fundamental characteristics of information security, namely confidentiality and availability. The model's parameters can be clustered in a manner that allows us to categorize and compare the responses to shocks of various types of organizations. We derive the system's stability conditions and find that they admit a wide choice of parameters. We examine tire system's responses to the same shock in confidentiality under different parameter constellations that correspond to various types of organizations. Our analysis illustrates that the response to investments in information security will be uniform in neither size nor time evolution.
Original languageEnglish
Title of host publicationFinancial cryptography and data security:13th International Conference, FC 2009, Accra Beach, Barbados, February 23-26, 2009. Revised selected papers
EditorsR Dingledine, P Golle
Place of PublicationBerlin, Heidelberg
PublisherSpringer
Pages148-166
Number of pages19
ISBN (Print)9783642035487
DOIs
Publication statusPublished - 2009
Event13th International Conference on Financial Cryptography and Data Security - Accra Beach, Barbados
Duration: 1 Jul 2009 → …

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
Volume5628
ISSN (Print)0302-9743

Conference

Conference13th International Conference on Financial Cryptography and Data Security
CountryBarbados
CityAccra Beach
Period1/07/09 → …

Fingerprint

Trade-offs
Economics of information
Information security
Confidentiality
Tire
Managers
Oil

Cite this

Ioannidis, C., Pym, D., & Williams, J. (2009). Investments and trade-offs in the economics of information security. In R. Dingledine, & P. Golle (Eds.), Financial cryptography and data security:13th International Conference, FC 2009, Accra Beach, Barbados, February 23-26, 2009. Revised selected papers (pp. 148-166). (Lecture Notes in Computer Science; Vol. 5628). Berlin, Heidelberg: Springer. https://doi.org/10.1007/978-3-642-03549-4_9

Investments and trade-offs in the economics of information security. / Ioannidis, Christos; Pym, David; Williams, J.

Financial cryptography and data security:13th International Conference, FC 2009, Accra Beach, Barbados, February 23-26, 2009. Revised selected papers. ed. / R Dingledine; P Golle. Berlin, Heidelberg : Springer, 2009. p. 148-166 (Lecture Notes in Computer Science; Vol. 5628).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Ioannidis, C, Pym, D & Williams, J 2009, Investments and trade-offs in the economics of information security. in R Dingledine & P Golle (eds), Financial cryptography and data security:13th International Conference, FC 2009, Accra Beach, Barbados, February 23-26, 2009. Revised selected papers. Lecture Notes in Computer Science, vol. 5628, Springer, Berlin, Heidelberg, pp. 148-166, 13th International Conference on Financial Cryptography and Data Security, Accra Beach, Barbados, 1/07/09. https://doi.org/10.1007/978-3-642-03549-4_9
Ioannidis C, Pym D, Williams J. Investments and trade-offs in the economics of information security. In Dingledine R, Golle P, editors, Financial cryptography and data security:13th International Conference, FC 2009, Accra Beach, Barbados, February 23-26, 2009. Revised selected papers. Berlin, Heidelberg: Springer. 2009. p. 148-166. (Lecture Notes in Computer Science). https://doi.org/10.1007/978-3-642-03549-4_9
Ioannidis, Christos ; Pym, David ; Williams, J. / Investments and trade-offs in the economics of information security. Financial cryptography and data security:13th International Conference, FC 2009, Accra Beach, Barbados, February 23-26, 2009. Revised selected papers. editor / R Dingledine ; P Golle. Berlin, Heidelberg : Springer, 2009. pp. 148-166 (Lecture Notes in Computer Science).
@inproceedings{4791fda4747f4668b22d895456e4c0fa,
title = "Investments and trade-offs in the economics of information security",
abstract = "We develop and simulate a dynamic model of investment in information security. The model is based oil the recognition that both IT managers and users appreciate the trade-off between two of the fundamental characteristics of information security, namely confidentiality and availability. The model's parameters can be clustered in a manner that allows us to categorize and compare the responses to shocks of various types of organizations. We derive the system's stability conditions and find that they admit a wide choice of parameters. We examine tire system's responses to the same shock in confidentiality under different parameter constellations that correspond to various types of organizations. Our analysis illustrates that the response to investments in information security will be uniform in neither size nor time evolution.",
author = "Christos Ioannidis and David Pym and J Williams",
year = "2009",
doi = "10.1007/978-3-642-03549-4_9",
language = "English",
isbn = "9783642035487",
series = "Lecture Notes in Computer Science",
publisher = "Springer",
pages = "148--166",
editor = "R Dingledine and P Golle",
booktitle = "Financial cryptography and data security:13th International Conference, FC 2009, Accra Beach, Barbados, February 23-26, 2009. Revised selected papers",

}

TY - GEN

T1 - Investments and trade-offs in the economics of information security

AU - Ioannidis, Christos

AU - Pym, David

AU - Williams, J

PY - 2009

Y1 - 2009

N2 - We develop and simulate a dynamic model of investment in information security. The model is based oil the recognition that both IT managers and users appreciate the trade-off between two of the fundamental characteristics of information security, namely confidentiality and availability. The model's parameters can be clustered in a manner that allows us to categorize and compare the responses to shocks of various types of organizations. We derive the system's stability conditions and find that they admit a wide choice of parameters. We examine tire system's responses to the same shock in confidentiality under different parameter constellations that correspond to various types of organizations. Our analysis illustrates that the response to investments in information security will be uniform in neither size nor time evolution.

AB - We develop and simulate a dynamic model of investment in information security. The model is based oil the recognition that both IT managers and users appreciate the trade-off between two of the fundamental characteristics of information security, namely confidentiality and availability. The model's parameters can be clustered in a manner that allows us to categorize and compare the responses to shocks of various types of organizations. We derive the system's stability conditions and find that they admit a wide choice of parameters. We examine tire system's responses to the same shock in confidentiality under different parameter constellations that correspond to various types of organizations. Our analysis illustrates that the response to investments in information security will be uniform in neither size nor time evolution.

UR - http://dx.doi.org/10.1007/978-3-642-03549-4_9

U2 - 10.1007/978-3-642-03549-4_9

DO - 10.1007/978-3-642-03549-4_9

M3 - Conference contribution

SN - 9783642035487

T3 - Lecture Notes in Computer Science

SP - 148

EP - 166

BT - Financial cryptography and data security:13th International Conference, FC 2009, Accra Beach, Barbados, February 23-26, 2009. Revised selected papers

A2 - Dingledine, R

A2 - Golle, P

PB - Springer

CY - Berlin, Heidelberg

ER -