A differential game approach to security investment and information sharing in a competitive environment. Issue 6 (2nd June 2016)
- Record Type:
- Journal Article
- Title:
- A differential game approach to security investment and information sharing in a competitive environment. Issue 6 (2nd June 2016)
- Main Title:
- A differential game approach to security investment and information sharing in a competitive environment
- Authors:
- Gao, Xing
Zhong, Weijun - Abstract:
- ABSTRACT: Information security economics, an emerging and thriving research topic, attempts to address the problems of distorted incentives for stakeholders in an Internet environment, including firms, hackers, the public sector, and other participants, using economic approaches. To alleviate consumer anxiety about the loss of sensitive information, and to further increase consumer demand, firms usually integrate their information security investment strategies to capture market share from competitors and their security information sharing strategies to increase consumer demand across all member firms in industry-based information sharing centers. Using differential game theory, this article investigates dynamic strategies for security investment and information sharing for two competing firms under targeted attacks, in which both firms can influence the value of their information assets through the endogenous determination of pricing rates. We analytically and numerically examine how both security investment rates and information sharing rates are affected by several key parameters in a non-cooperative scenario, including the efficiency of security investment rates, sensitivity parameters for pricing rates, coefficients of consumer demand losses, and the density of targeted attacks. Our results reveal that, confronted with a higher coefficient of consumer demand loss and a higher density of targeted attacks, both firms are reluctant to aggressively defend against hackersABSTRACT: Information security economics, an emerging and thriving research topic, attempts to address the problems of distorted incentives for stakeholders in an Internet environment, including firms, hackers, the public sector, and other participants, using economic approaches. To alleviate consumer anxiety about the loss of sensitive information, and to further increase consumer demand, firms usually integrate their information security investment strategies to capture market share from competitors and their security information sharing strategies to increase consumer demand across all member firms in industry-based information sharing centers. Using differential game theory, this article investigates dynamic strategies for security investment and information sharing for two competing firms under targeted attacks, in which both firms can influence the value of their information assets through the endogenous determination of pricing rates. We analytically and numerically examine how both security investment rates and information sharing rates are affected by several key parameters in a non-cooperative scenario, including the efficiency of security investment rates, sensitivity parameters for pricing rates, coefficients of consumer demand losses, and the density of targeted attacks. Our results reveal that, confronted with a higher coefficient of consumer demand loss and a higher density of targeted attacks, both firms are reluctant to aggressively defend against hackers and would rather decrease the negative effect of hacker attacks by lowering their pricing rates. Also, we derive feedback equilibrium solutions for the situation where both firms cooperate in security investment, information sharing, or both. It is revealed that although a higher hacker attack density always decreases a firm's integral profits, both firms are not always willing to cooperate in security investment and information sharing. Specifically, the superior firm benefits most when both firms fully cooperate and benefits the least when they behave fully non-cooperatively. However, the inferior firm enjoys the highest integral profit when both firms only cooperate in information sharing and the lowest integral profit in the completely cooperative situation. … (more)
- Is Part Of:
- IIE transactions. Volume 48:Issue 6(2016)
- Journal:
- IIE transactions
- Issue:
- Volume 48:Issue 6(2016)
- Issue Display:
- Volume 48, Issue 6 (2016)
- Year:
- 2016
- Volume:
- 48
- Issue:
- 6
- Issue Sort Value:
- 2016-0048-0006-0000
- Page Start:
- 511
- Page End:
- 526
- Publication Date:
- 2016-06-02
- Subjects:
- Information security economics -- security investment -- information sharing -- pricing -- feedback equilibrium -- differential game
Industrial engineering -- Periodicals
Génie industriel
620 - Journal URLs:
- http://www.tandfonline.com/toc/uiie20/current ↗
http://www.tandfonline.com/ ↗ - DOI:
- 10.1080/0740817X.2015.1125044 ↗
- Languages:
- English
- ISSNs:
- 0740-817X
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4363.805700
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 963.xml