Journal of Computer Security - IFIP 2000
Market for Software Vulnerabilities? Think Again
Management Science
The Simple Economics of Cybercrimes
IEEE Security and Privacy
Information Systems Frontiers
International Journal of Electronic Commerce
Cybersecurity: Stakeholder incentives, externalities, and policy options
Telecommunications Policy
Special Section: Competitive Strategy, Economics, and Information Systems
Journal of Management Information Systems
Information Security: Facilitating User Precautions Vis-à-Vis Enforcement Against Attackers
Journal of Management Information Systems
Risks and Benefits of Signaling Information System Characteristics to Strategic Attackers
Journal of Management Information Systems
ACM Transactions on Management Information Systems (TMIS)
Should We Go Our Own Way? Backsourcing Flexibility in IT Services Contracts
Journal of Management Information Systems
Safe Contexts for Interorganizational Collaborations Among Homeland Security Professionals
Journal of Management Information Systems
A comparative study of cyberattacks
Communications of the ACM
Patch Release Behaviors of Software Vendors in Response to Vulnerabilities: An Empirical Analysis
Journal of Management Information Systems
| Hi-index | 0.02 |
We adapt the event study methodology from research in financial economics to study the impact of government enforcement and economic opportunities on information security attacks. We found limited evidence that domestic enforcement deters attacks within the country. However, we found compelling evidence of a displacement effect: U. S. enforcement substantially increases attacks originating from other countries. We also found strong evidence that attackers are economically motivated in that the number of attacks is increasing in the U. S. unemployment rate. Our findings were robust to differences in the effective time window of enforcement and the measurement of vulnerabilities.