Skip to main content
SpringerLink
Log in

A game theory model of cybersecurity investments with information asymmetry

  • Published:
NETNOMICS: Economic Research and Electronic Networking Aims and scope Submit manuscript

Abstract

In this paper, we develop a game theory model consisting of sellers and buyers with sellers competing non-cooperatively in order to maximize their expected profits by determining their optimal product transactions as well as cybersecurity investments. The buyers reflect their preferences through the demand price functions, which depend on the product demands and on the average level of security in the marketplace. We demonstrate that the governing equilibrium conditions of this model with security information asymmetry can be formulated as a variational inequality problem. We provide qualitative properties and propose an algorithmic scheme that is easy to implement. Three sets of numerical examples are presented which reveal the impacts of the addition of buyers and sellers and a variety of changes in demand price and investment cost functions on the equilibrium product transaction and security level patterns.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Akerlof, G.A. (1970). The market for lemons: Quality uncertainty and the market mechanism. Quarterly Journal of Economics, 84(3), 488–500.

    Article  Google Scholar 

  2. Alter, D. (2014). Security investent more important than ever after latest data breaches. Money morning, September 8.

  3. Anderson, R., & Moore, T. (2006). Science, 314(5799), 610–613.

    Article  Google Scholar 

  4. Cavasoglu, H., Raghunathan, S., & Yue, W.T. (2008). Decision-theoretic and game-theoretic approaches to IT security investment. Journal of Management Information Systems, 25(2), 281–304.

    Article  Google Scholar 

  5. Center for Strategic and International Studies (2014). Net losses: Estimating the global cost of cybercrime. Santa Clara, California.

  6. Cournot, A.A. (1838). Researches into the mathematical principles of the theory of wealth, English translation. London, England: MacMillan.

  7. Dafermos, S., & Nagurney, A. (1987). Oligopolistic and competitive behavior of spatially separated markets. Regional Science and Urban Economics, 17, 245–254.

    Article  Google Scholar 

  8. Dupuis, P., & Nagurney, A. (1993). Dynamical systems and variational inequalities. Annals of Operations Research, 44, 9–42.

    Article  Google Scholar 

  9. Gabay, D., & Moulin, H. (1980). On the uniqueness and stability of Nash equilibria in noncooperative games. In Bensoussan, A., Kleindorfer, P., & Tapiero, C.S. (Eds.) Applied stochastic control of econometrics and management science (pp. 271–294). Amsterdam.

  10. Gartner. (2013). “Gartner reveals top 10 security myths”: by Ellen Messmer, NetworkWorld.

  11. Gordon, L.A., & Loeb, M.P. (2002). The economics of information security investment. ACM Transactions on Information and System Security, 4, 438–457.

    Article  Google Scholar 

  12. Hausken, K. (2006). Returns to information security investment: The effect of alternative information security breach functions on optimal investment and sensitivity to vulnerability. Information Systems Frontiers, 8(5), 338–349.

    Article  Google Scholar 

  13. Kirk, J. (2014). Target contractor says it was victim of cyberattack. PC World, February 6.

  14. Kunreuther, H., & Heal, G. (2003). Interdependent security. The Journal of Risk and Uncertainty, 26(2/3), 231–249.

    Article  Google Scholar 

  15. Manshei, M.H., Alpcan, T., Basar, T., & Hubaux, J.-P. (2013). Game theory meets networks security and privacy. ACM Computing Surveys, 45(3), 25:1-25:34.

    Google Scholar 

  16. Market Research (2013). United States Information Technology report Q2 2012, April 24.

  17. Matsuura, K. (2008). Productivity space of information security in an extension of the Gordon-Loeb’s investment model. In Proceedings of the seventh workshop on the economics of information security (WEIS2008), Tuck School of Business, Dartmouth College. New Hampshire.

  18. Nagurney, A. (1999). Network economics: A variational inequality approach, second and revised edition. Boston: Kluwer.

    Book  Google Scholar 

  19. Nagurney, A. (2015). A multiproduct network economic model of cybercrime in financial services. Service Science, 7(1), 70–81.

    Article  Google Scholar 

  20. Nagurney, A., & Li, D. (2014). Equilibria and dynamics of supply chain network competition with information asymmetry in quality and minimum quality standards. Computational Management Science, 11(3), 285–315.

  21. Nagurney, A., Li, D., Wolf, T., & Saberi, S. (2013). A network economic game theory model of a service-oriented internet with choices and quality competition. Netnomics, 14(1-2), 1–25.

  22. Nagurney, A., & Yu, M. (2012). Sustainable fashion supply chain management under oligopolistic competition and brand differentiation. International Journal of Production Economics, 135, 532–540.

    Article  Google Scholar 

  23. Nagurney, A., Yu, M., & Qiang, Q. (2011). Supply chain network design for critical needs with outsourcing. Papers in Regional Science, 90, 123–142.

    Article  Google Scholar 

  24. Nagurney, A., & Zhang, D. (1996). Projected dynamical systems and variational inequalities with applications. Boston: Kluwer.

    Book  Google Scholar 

  25. Nash, J.F. (1950). Equilibrium points in n-person games. In Proceedings of the National Academy of Sciences, USA, (Vol. 36 pp. 48–49).

  26. Nash, J.F. (1951). Noncooperative games. Annals of Mathematics, 54, 286–298.

    Article  Google Scholar 

  27. Ponemon Institute (2013). Second annual cost of cyber crime study: Benchmark study of U.S. companies.

  28. PriceWaterhouseCoopers (2014). Global economic crime survey.

  29. Shetty, N.G. (2010). Design of network architectures: Role of game theory and economics. PhD dissertation, technical report no. UCB/EECS-2010-91, Electrical Engineering and Computer Sciences. Berkeley: University of California.

    Google Scholar 

  30. Shetty, N., Schwartz, G., Felegehazy, M., & Walrand, J. (2009). Competitive cyber-insurance and Internet security. In Proceedings of the Eighth Workshop on the Economics of Information Security (WEIS 2009). London, June 24-25: University College.

  31. Tatsumi, K., & Goto, M. (2009). Optimal timing of information security investment: A real options approach. London, June 24–25: University College.

    Google Scholar 

  32. Varian, H.R. (2004). System reliability and free riding. In Camp, L.J., & Lewis, S. (Eds.) Economics of information security (pp. 1–15). Boston: Kluwer.

  33. Zhang, D., & Nagurney, A. (1995). On the stability of projected dynamical systems. Journal of Optimization Theory and its Applications, 85, 97–124.

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Isenberg School of Management, University of Massachusetts, Amherst, MA, 01003, USA

    Anna Nagurney

  2. Department of Electrical and Computer Engineering, University of Hartford, West Hartford, CT, 06117, USA

    Ladimer S. Nagurney

Authors
  1. Anna Nagurney
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ladimer S. Nagurney
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Anna Nagurney.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Nagurney, A., Nagurney, L.S. A game theory model of cybersecurity investments with information asymmetry. Netnomics 16, 127–148 (2015). https://doi.org/10.1007/s11066-015-9094-7

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11066-015-9094-7

Keywords

Search

Navigation