 A Model of Information Security and CompetitionAlexandre de Cornière and Greg Taylor No 21-1285, TSE Working Papers from Toulouse School of Economics (TSE) Abstract: Cyberattacks are a pervasive threat in the digital economy, with the potential to harm rms and their customers. Larger rms constitute more valuable targets to hack- ers, thereby creating negative network eects. These can be mitigated by investments in security, which play both a deterrent and a protective role. We study equilibrium investment in information security under imperfect competition in a model where con- sumers dier in terms of security savviness. We show that the competitive implications of security depend on rms' business models: when rms compete in prices, security intensies competition, which implies that it is always underprovided in equilibrium (unlike in the monopoly case). When rms are advertising-funded, security plays a business-stealing role, and may be overprovided. In terms of policy, we show that both the structure of the optimal liability regime and the ecacy of certication schemes also depend on rms' business model. Date: 2021-12 Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:tse:wpaper:126391 Access Statistics for this paper More papers in TSE Working Papers from Toulouse School of Economics (TSE) Contact information at EDIRC. |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.