[1] Cai Chuanxi, Mei Shue, Zhong Weijun,. Security investment and information sharing for complementaryfirms with heterogeneous monetary loss [J]. Journal of Southeast University (English Edition), 2017, 33 (2): 241-248. [doi:10.3969/j.issn.1003-7985.2017.02.019]
Copy
Security investment and information sharing for complementaryfirms with heterogeneous monetary loss(
)
)Journal of Southeast University (English Edition)[ISSN:1003-7985/CN:32-1325/N]
- Volumn:
- 33
- Issue:
- 2017 2
- Page:
- 241-248
- Research Field:
- Economy and Management
- Publishing date:
- 2017-06-30
Info
- Title:
- Security investment and information sharing for complementaryfirms with heterogeneous monetary loss
- Author(s):
- Cai Chuanxi; Mei Shu’e; Zhong Weijun
- School of Economics and Management, Southeast University, Nanjing 211189, China.
- Keywords:
- complementary firm; contest success function; security investment; information sharing; leakage cost
- PACS:
- C931
- DOI:
- 10.3969/j.issn.1003-7985.2017.02.019
- Abstract:
- Two complementary firms’ information sharing and security investment are investigated. When two complementary firms with heterogeneous assets are both breached, it is assumed that they suffer different losses which are associated with their information assets. Some insights about optimal strategies for the firms and the attacker are obtained by the game theory, which forms a comparison with those derived from substitutable firms, and those derived from complementary firms with homogenous loss. In addition, both the unit transform cost of investment and the extent of firms’ loss affect the optimal strategies. Assuming that firms can control information sharing, security investments and both of them, respectively, the effect of the social planner is further analyzed on the information sharing, firms’ aggregate defence, the aggregate attack and social total cost. Finally, some policy advice is provided through numerical simulation. Results show that firms are willing to choose security investment centrally rather than individually, but an intervention in information sharing by the social planner may not necessarily be preferable.
References:
[1] Cavusoglu H, Raghunathan S, Cavusoglu H. Configuration of and interaction between information security technologies: The case of firewalls and intrusion detection systems [J]. Information Systems Research, 2009, 20(2): 198-217. DOI:10.1287/isre.1080.0180.
[2] Gao X, Zhong W J, Mei S E. A game-theory approach to configuration of detection software with decision errors [J]. Reliability Engineering & System Safety, 2013, 119: 35-43. DOI:10.1016/j.ress.2013.05.004.
[3] Gao X, Zhong W J. Information security investment for competitive firms with hacker behaviour and security requirements [J]. Annals of Operations Research, 2015, 235(1):277-300. DOI:10.1007/s10479-015-1925-2.
[4] Liu D, Ji Y, Mookerjee V. Knowledge sharing and investment decisions in information security [J]. Decision Support Systems, 2011, 52(1): 95-107. DOI:10.1016/j.dss.2011.05.007.
[5] Liu Z, Tian X, Shi Q. Governance mechanisms of knowledge sharing in network virtual community [J]. Chinese Journal of Management, 2015, 12(9): 1394-1401.(in Chinese)
[6] Hausken K. Information sharing among firms and cyber attacks [J]. Journal of Accounting and Public Policy, 2007, 26(6): 639-688. DOI:10.1016/j.jaccpubpol.2007.10.001.
[7] Gao X, Zhong W J, Mei S E. A game-theoretic analysis of information sharing and security investment for complementary firms [J]. Journal of the Operational Research Society, 2013, 65(11):1682-1691. DOI:10.1057/jors.2013.133.
[8] Gordon L A, Loeb M P, Lucyshyn W, et al. The impact of information sharing on cyber security under investment: A real options perspective [J]. Journal of Accounting and Public Policy, 2015, 34(5):509-519. DOI:10.1016/j.jaccpubpol.2015.05.001.
[9] Gao X, Zhong W. A differential game approach to security investment and information sharing in a competitive environment [J]. IIE Transactions, 2016, 48(6): 511-526. DOI:10.1080/0740817x.2015.1125044.
[10] Büyükkarabacak B, Valev N. Credit information sharing and banking crises:An empirical investigation [J]. Journal of Macroeconomics, 2012, 34(3):788-800. DOI:10.1016/j.jmacro.2012.03.002.
[11] Sayogo D S, Pardo T A, Bloniarz P. Information flows and smart disclosure of financial data: A framework for identifying challenges of cross boundary information sharing [J]. Government Information Quarterly, 2014, 31: S72-S83. DOI:10.1016/j.giq.2013.12.004.
[12] Gao P, Nie J, Xie Z. Strategies of information sharing in supply chain with remanufacturing considering the existence of green consumers [J]. Journal of Industrial Engineering/Engineering Management. 2014, 28(4):193-200.(in Chinese)
[13] Gao X, Zhong W, Mei S. Security investment and information sharing under an alternative security breach probability function [J]. Information Systems Frontiers, 2015, 17(2):423-438. DOI:10.1007/s10796-013-9411-3.
[14] Hausken K. Strategic defense and attack of complex networks [J]. International Journal of Performability Engineering, 2009, 5(1): 13-30.
[15] Hausken K. Income, interdependence, and substitution effects affecting incentives for security investment [J]. Journal of Accounting and Public Policy, 2006, 25(6): 629-665. DOI:10.1016/j.jaccpubpol.2006.09.001.
[16] Hausken K.Whether to attack a terrorist’s resource stock today or tomorrow [J]. Games and Economic Behavior, 2008, 64(2): 548-564. DOI:10.1016/j.geb.2008.02.001.
[17] Hausken K, Zhuang J. Defending against a stockpiling terrorist [J]. The Engineering Economist, 2011, 56(4): 321-353. DOI:10.5711/1082598316121.
Memo
- Memo:
-
Biographies: Cai Chuanxi(1985—), male, graduate; Mei Shu’e(corresponding author), female, doctor, professor, meishue@seu.edu.cn.
Foundation item: The National Natural Science Foundation of China(No.71371050).
Citation: Cai Chuanxi, Mei Shu’e, Zhong Weijun.Security investment and information sharing for complementary firms with heterogeneous monetary loss[J].Journal of Southeast University(English Edition), 2017, 33(2):241-248.DOI:10.3969/j.issn.1003-7985.2017.02.019.