RETHINKING FS-ISAC: AN IT SECURITY INFORMATION SHARING MODEL FOR THE FINANCIAL SERVICES SECTOR
Charles Liu (),
Humayun Zafar and
Yoris Au
Additional contact information
Charles Liu: UTSA
Working Papers from College of Business, University of Texas at San Antonio
Abstract:
This study examines a critical incentive alignment issue facing FS-ISAC (the information sharing alliance in the financial services industry). Failure to encourage members to share their IT security-related information has seriously undermined the founding rationale of FS-ISAC. Our analysis shows that many information sharing alliances’ membership policies are plagued with the incentive misalignment issue and may result in a “freeriding” or “no information sharing” equilibrium. To address this issue, we propose a new information sharing membership policy that incorporates an insurance option and show that the proposed policy can align members’ incentives and lead to a socially optimal outcome. Moreover, when a transfer payment mechanism is implemented, all member firms will be better off joining the insurance network. These results are demonstrated in a simulation in which IT security breach losses are compared both with and without participating in the proposed information sharing insurance plan.
Keywords: security; organization; information sharing; economic theory; game theory; simulation (search for similar items in EconPapers)
JEL-codes: C70 D53 D71 D74 G22 (search for similar items in EconPapers)
Pages: 26 pages
Date: 2013-11-04
References: Add references at CitEc
Citations:
Downloads: (external link)
http://interim.business.utsa.edu/wps/is/0023IS-673-2013.pdf Full text (application/pdf)
Our link check indicates that this URL is bad, the error code is: 404 Not Found
Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.
Export reference: BibTeX
RIS (EndNote, ProCite, RefMan)
HTML/Text
Persistent link: https://EconPapers.repec.org/RePEc:tsa:wpaper:0209is
Access Statistics for this paper
More papers in Working Papers from College of Business, University of Texas at San Antonio Contact information at EDIRC.
Bibliographic data for series maintained by Wendy Frost ().