In the late 1990s, researchers began to grasp that the roots of many information security failures can be better explained with the language of economics than by pointing to instances of technical flaws. This led to a thriving new interdisciplinary research field combining economic and engineering insights, measurement approaches and methodologies to ask fundamental questions concerning the viability of a free and open information society. While economics and information security comprise the nucleus of an academic movement that quickly drew the attention of thinktanks, industry, and governments, the field has expanded to surrounding areas such as management of information security, privacy, and, more recently, cybercrime, all studied from an interdisciplinary angle by combining methods from microeconomics, econometrics, qualitative social sciences, behavioral sciences, and experimental economics.
This book is structured in four parts, reflecting the main areas: management ofinformation security, economics of information security, economics of privacy, and economics of cybercrime. Each individual contribution documents, discusses, and advances the state of the art concerning its specific research questions. It will be of value to academics and practitioners in the related fields.
This book is structured in four parts, reflecting the main areas: management ofinformation security, economics of information security, economics of privacy, and economics of cybercrime. Each individual contribution documents, discusses, and advances the state of the art concerning its specific research questions. It will be of value to academics and practitioners in the related fields.
From the book reviews:
"The first section focuses on information security management, while the three remaining sections focus on the economics of information security, privacy, and cybercrime, respectively. ... it contains useful data for the chief information security or privacy officer articulating the economic rationale for proposed information security or privacy initiatives to a CFO or Board." (Lee Imrey, Computing Reviews, September, 2014)
"The first section focuses on information security management, while the three remaining sections focus on the economics of information security, privacy, and cybercrime, respectively. ... it contains useful data for the chief information security or privacy officer articulating the economic rationale for proposed information security or privacy initiatives to a CFO or Board." (Lee Imrey, Computing Reviews, September, 2014)