DigiTally
Ross Anderson describes DigiTally, a secure payments system for use in areas where there is little or no network connectivity…. Continue reading DigiTally
Category Archives: economicsofsecurity
DigiTally
Ross Anderson describes DigiTally, a secure payments system for use in areas where there is little or no network connectivity…. Continue reading DigiTally
Regulation of the Internet of Things
Late last month, popular websites like Twitter, Pinterest, Reddit and PayPal went down for most of a day. The distributed denial-of-service attack that caused the outages, and the vulnerabilities that made the attack possible, was as much a failure of market and policy as it was of technology. If we want to secure our increasingly computerized and connected world, we… Continue reading Regulation of the Internet of Things
Lessons From the Dyn DDoS Attack
A week ago Friday, someone took down numerous popular websites in a massive distributed denial-of-service (DDoS) attack against the domain name provider Dyn. DDoS attacks are neither new nor sophisticated. The attacker sends a massive amount of traffic, causing the victim’s system to slow to a crawl and eventually crash. There are more or less clever variants, but basically, it’s… Continue reading Lessons From the Dyn DDoS Attack
Free Online Cybersecurity Economics Course
TU Delft is running a free online class in cybersecurity economics…. Continue reading Free Online Cybersecurity Economics Course
Security Economics of the Internet of Things
Brian Krebs is a popular reporter on the cybersecurity beat. He regularly exposes cybercriminals and their tactics, and consequently is regularly a target of their ire. Last month, he wrote about an online attack-for-hire service that resulted in the arrest of the two proprietors. In the aftermath, his site was taken down by a massive DDoS attack. In many ways,… Continue reading Security Economics of the Internet of Things
Cybercrime as a Tax on the Internet Economy
I was reading this 2014 McAfee report on the economic impact of cybercrime, and came across this interesting quote on how security is a tax on the Internet economy: Another way to look at the opportunity cost of cybercrime is to see it as a share of the Internet economy. Studies estimate that the Internet economy annually generates between $2… Continue reading Cybercrime as a Tax on the Internet Economy
Financial Cyber Risk Is Not Systemic Risk
This interesting essay argues that financial risks are generally not systemic risks, and instead are generally much smaller. That’s certainly been our experience to date: While systemic risk is frequently invoked as a key reason to be on guard for cyber risk, such a connection is quite tenuous. A cyber event might in extreme cases result in a systemic crisis,… Continue reading Financial Cyber Risk Is Not Systemic Risk
Smart Essay on the Limitations of Anti-Terrorism Security
This is good: Threats constantly change, yet our political discourse suggests that our vulnerabilities are simply for lack of resources, commitment or competence. Sometimes, that is true. But mostly we are vulnerable because we choose to be; because we’ve accepted, at least implicitly, that some risk is tolerable. A state that could stop every suicide bomber wouldn’t be a free… Continue reading Smart Essay on the Limitations of Anti-Terrorism Security
Interesting Research on the Economics of Privacy
New paper: "The Economics of Privacy, by Alessandro Acquisti, Curtis R. Taylor, and Liad Wagman: Abstract: This article summarizes and draws connections among diverse streams of empirical and theoretical research on the economics of privacy. Our focus is on the economic value and consequences of privacy and of personal information, and on consumers’ understanding of and decisions about the costs… Continue reading Interesting Research on the Economics of Privacy