Hacker Behavior, Network Effects, and the Security Software Market

Authors:
Debabrata Dey;Atanu Lahiri;Guoying Zhang
Affiliations:
Foster School of Business, University of Washington;Foster School of Business, University of Washington;Dillard College of Business Administration, Midwestern State University
Venue:
Journal of Management Information Systems
Year:
2012

Citing 16
Cited 0

Network externalities in microcomputer software: an econometric analysis of the spreadsheet market

Management Science
Information rules: a strategic guide to the network economy

Information rules: a strategic guide to the network economy
The Mathematics of Infectious Diseases

SIAM Review
The economics of information security investment

ACM Transactions on Information and System Security (TISSEC)
Budgeting process for information security expenditures

Communications of the ACM - Personal information management
Network Software Security and User Incentives

Management Science
An Information Systems Security Risk Assessment Model Under the Dempster-Shafer Theory of Belief Functions

Journal of Management Information Systems
Understanding the Value of Countermeasure Portfolios in Information Systems Security

Journal of Management Information Systems
Decision-Theoretic and Game-Theoretic Approaches to IT Security Investment

Journal of Management Information Systems
Let the Pirates Patch? An Economic Analysis of Software Security Patch Restrictions

Information Systems Research
Choice and Chance: A Conceptual Model of Paths to Information Security Compromise

Information Systems Research
Investments in Information Security: A Real Options Perspective with Bayesian Postaudit

Journal of Management Information Systems
Information Security: Facilitating User Precautions Vis-à-Vis Enforcement Against Attackers

Journal of Management Information Systems
Risks and Benefits of Signaling Information System Characteristics to Strategic Attackers

Journal of Management Information Systems
The impact of malicious agents on the enterprise software industry

MIS Quarterly
Revisiting the incentive to tolerate illegal distribution of software products

Decision Support Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

The market for security software has witnessed an unprecedented growth in recent years. A closer examination of this market reveals certain idiosyncrasies that are not observed in a traditional market. For example, it is a highly competitive market with over 80 vendors. Yet the market coverage is relatively low. Prior research has not attempted to explain what makes this market so different. In this paper, we develop an economic model to find possible answers to this question. Our model uses existing classification of different types of attacks and models their resulting network effects. We find that the negative network effect from indirect attacks, which is further enhanced by value-based targeted attacks, provides a possible explanation for the unique structure of this market. Overall, our results highlight the unique nature of the security software market, furnish rigorous arguments for several counterintuitive observations in the real world, and provide managerial insights for vendors on market competition.