A Modest Proposal for Open Market Risk Assessment to Solve the   Cyber-Security Problem

Timothy J. O'Shea; Adam Mondl; T. Charles. Clancy

arXiv:1604.08675·cs.CR·May 2, 2016·2 cites

A Modest Proposal for Open Market Risk Assessment to Solve the Cyber-Security Problem

Timothy J. O'Shea, Adam Mondl, T. Charles. Clancy

PDF

Open Access

TL;DR

This paper proposes a market-based economic model for cyber-risk valuation aimed at improving incentives and transparency in the cybersecurity industry to foster a more secure and robust information marketplace.

Contribution

It introduces a novel market-based risk valuation system to address incentive misalignments and improve cybersecurity practices.

Findings

01

Identifies incentives causing cybersecurity issues

02

Proposes a market-based risk pricing system

03

Suggests improved transparency and decision-making

Abstract

We introduce a model for a market based economic system of cyber-risk valuation to correct fundamental problems of incentives within the information technology and information processing industries. We assess the makeup of the current day marketplace, identify incentives, identify economic reasons for current failings, and explain how a market based risk valuation system could improve these incentives to form a secure and robust information marketplace for all consumers by providing visibility into open, consensus based risk pricing and allowing all parties to make well informed decisions.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsInformation and Cyber Security · Cybercrime and Law Enforcement Studies · Network Security and Intrusion Detection