IDEAS home Printed from https://ideas.repec.org/a/eee/telpol/v33yi10-11p706-719.html
   My bibliography  Save this article

Cybersecurity: Stakeholder incentives, externalities, and policy options

Author

Listed:
  • Bauer, Johannes M.
  • van Eeten, Michel J.G.

Abstract

Information security breaches are increasingly motivated by fraudulent and criminal motives. Reducing their considerable costs has become a pressing issue. Although cybersecurity has strong public good characteristics, most information security decisions are made by individual stakeholders. Due to the interconnectedness of cyberspace, these decentralized decisions are afflicted with externalities that can result in sub-optimal security levels. Devising effective solutions to this problem is complicated by the global nature of cyberspace, the interdependence of stakeholders, as well as the diversity and heterogeneity of players. The paper develops a framework for studying the co-evolution of the markets for cybercrime and cybersecurity. It examines the incentives of stakeholders to provide for security and their implications for the ICT ecosystem. The findings show that market and non-market relations in the information infrastructure generate many security-enhancing incentives. However, pervasive externalities remain that can only be corrected by voluntary or government-led collective measures.

Suggested Citation

  • Bauer, Johannes M. & van Eeten, Michel J.G., 0. "Cybersecurity: Stakeholder incentives, externalities, and policy options," Telecommunications Policy, Elsevier, vol. 33(10-11), pages 706-719, November.
  • Handle: RePEc:eee:telpol:v:33:y::i:10-11:p:706-719
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0308596109000986
    Download Restriction: Full text for ScienceDirect subscribers only
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Mazaher Kianpour & Stewart J. Kowalski & Harald Øverby, 2021. "Systematically Understanding Cybersecurity Economics: A Survey," Sustainability, MDPI, vol. 13(24), pages 1-28, December.
    2. Kox, Henk L.M., 2013. "Cybersecurity in the perspective of Internet traffic growth," MPRA Paper 47883, University Library of Munich, Germany.
    3. Malecki, Edward J., 2017. "Real people, virtual places, and the spaces in between," Socio-Economic Planning Sciences, Elsevier, vol. 58(C), pages 3-12.
    4. Alain Mermoud & Marcus Matthias Keupp & Kévin Huguenin & Maximilian Palmié & Dimitri Percia David, 2019. "To share or not to share: A behavioral perspective on human participation in security information sharing," Post-Print hal-02147702, HAL.
    5. e Silva, Karine, 2013. "Europe's fragmented approach towards cyber security," Internet Policy Review: Journal on Internet Regulation, Alexander von Humboldt Institute for Internet and Society (HIIG), Berlin, vol. 2(4), pages 1-8.
    6. Viktoria Gisladottir & Alexander A. Ganin & Jeffrey M. Keisler & Jeremy Kepner & Igor Linkov, 2017. "Resilience of Cyber Systems with Over‐ and Underregulation," Risk Analysis, John Wiley & Sons, vol. 37(9), pages 1644-1651, September.
    7. Rosie Collins & Cavan O’Connor-Close & Aria Zhang, 2020. "Cyber incident cost estimates and the importance of building resilience," Reserve Bank of New Zealand Bulletin, Reserve Bank of New Zealand, vol. 83, pages 1-17, February.
    8. Brenden KUERBIS & Milton L. MUELLER, 2011. "Negotiating a New Governance Hierarchy: An Analysis of the Conflicting Incentives to Secure Internet Routing," Communications & Strategies, IDATE, Com&Strat dept., vol. 1(81), pages 125-142, 1st quart.
    9. Shin, Dong-Hee & Jung, Jaemin, 2012. "Socio-technical analysis of Korea's broadband convergence network: Big plans, big projects, big prospects?," Telecommunications Policy, Elsevier, vol. 36(7), pages 579-593.
    10. Karen Renaud & Verena Zimmermann & Tim Schürmann & Carlos Böhm, 2021. "Exploring cybersecurity-related emotions and finding that they are challenging to measure," Palgrave Communications, Palgrave Macmillan, vol. 8(1), pages 1-17, December.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:telpol:v:33:y::i:10-11:p:706-719. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: http://www.elsevier.com/wps/find/journaldescription.cws_home/30471/description#description .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.