The Market Consequences of Cybersecurity: Difference between revisions
(New page: ==Full Title of Reference== The Market Consequences of Cybersecurity: Defining Externalities and Ways to Address Them ==Full Citation== OECD, ''The Market Consequences of Cybersecurity:...) |
No edit summary |
||
| Line 8: | Line 8: | ||
[http://cyber.law.harvard.edu/cybersecurity/?title=Special:Bibliography&view=&startkey=OECD:2009&f=wikibiblio.bib ''BibTeX''] | [http://cyber.law.harvard.edu/cybersecurity/?title=Special:Bibliography&view=&startkey=OECD:2009&f=wikibiblio.bib ''BibTeX''] | ||
==Categorization== | ==Categorization== | ||
| Line 16: | Line 15: | ||
==Key Words== | ==Key Words== | ||
[[http://cyber.law.harvard.edu/cybersecurity/Glossary_of_Core_Ideas#Internet_Service_Providers internet service providers]], [http://cyber.law.harvard.edu/cybersecurity/Glossary_of_Core_Ideas#Malware malware], [http://cyber.law.harvard.edu/cybersecurity/Glossary_of_Core_Ideas#Risk_Management risk management] | |||
==Synopsis== | ==Synopsis== | ||
This chapter asks the | This chapter asks the following questions: Are participants in the information and communication markets responding adequately to malware, or are improvements possible? Pointing to a variety of reports that show increases in malicious attack trends, one might conclude that markets are not responding adequately. The analysis revealed a more nuanced picture. | ||
==Additional Notes and Highlights== | ==Additional Notes and Highlights== | ||
'''Outline:''' | |||
Three major categories of externalities | |||
Category 1: No externalities; market participants absorb all the | |||
costs of their security decisions. | |||
Category 2: Externalities are created, but they are borne by agents | |||
that can manage them. | |||
The ISP example | |||
The case of online financial services | |||
Category 3: Externalities are borne fully by other market | |||
participants or by society at large. | |||
The case of lax security by end users | |||
Distributional and efficiency effects | |||
Survey results on the costs of malware | |||
Key findings | |||
Revision as of 13:00, 9 June 2010
Full Title of Reference
The Market Consequences of Cybersecurity: Defining Externalities and Ways to Address Them
Full Citation
OECD, The Market Consequences of Cybersecurity: Defining Externalities and Ways to Address Them, in Computer Viruses and Other Malicious Software (OECD, 2009). Purchase
Categorization
Issues: Economics of Cybersecurity
Key Words
[internet service providers], malware, risk management
Synopsis
This chapter asks the following questions: Are participants in the information and communication markets responding adequately to malware, or are improvements possible? Pointing to a variety of reports that show increases in malicious attack trends, one might conclude that markets are not responding adequately. The analysis revealed a more nuanced picture.
Additional Notes and Highlights
Outline: Three major categories of externalities Category 1: No externalities; market participants absorb all the
costs of their security decisions.
Category 2: Externalities are created, but they are borne by agents
that can manage them.
The ISP example
The case of online financial services
Category 3: Externalities are borne fully by other market
participants or by society at large.
The case of lax security by end users Distributional and efficiency effects Survey results on the costs of malware Key findings