Help
Cart
Skip main navigation

Available Issues

April 10, 2013 - April 2, 2026

Available Issues

April 10, 2013 - April 2, 2026

Dynamics of Shared Security in the Cloud

Published Online:29 Jul 2024https://doi.org/10.1287/isre.2023.0256

References

  • Acquisti A, Adjerid I, Balebako R, Brandimarte L, Cranor LF, Komanduri S, Leon PG, et al. (2017) Nudges for privacy and security: Understanding and assisting users’ choices online. ACM Comput. Surveys 50(3):1–41.CrossrefGoogle Scholar
  • Al-Otaibi YD (2021) A shared two-way cybersecurity model for enhancing cloud service sharing for distributed user applications. ACM Trans. Internet Tech. 22(2):1–17.CrossrefGoogle Scholar
  • Almorsy M, Grundy J, Müller I (2016) An analysis of the cloud computing security problem. Proc. APSEC 2010 Cloud Workshop (Sydney, Australia).Google Scholar
  • Anderson R (2001) Why information security is hard—An economic perspective. Seventeenth Annual Comput. Security Appl. Conf. (IEEE, Piscataway, NJ), 358–365.Google Scholar
  • Anderson R (2008) Security Engineering: A Guide to Building Dependable Distributed Systems (John Wiley & Sons, Hoboken, NJ).Google Scholar
  • Andreoni J (1990) Impure altruism and donations to public goods: A theory of warm-glow giving. Econom. J. 100(401):464–477.CrossrefGoogle Scholar
  • Arce DG (2001) Leadership and the aggregation of international collective action. Oxford Econom. Papers 53(1):114–137.CrossrefGoogle Scholar
  • Arce DG (2018) Malware and market share. J. Cybersecurity 4(1):tyy010.CrossrefGoogle Scholar
  • Arce DG (2020) Cybersecurity and platform competition in the cloud. Comput. Security 93:101774.CrossrefGoogle Scholar
  • Arce DG (2022) Security-induced lock-in in the cloud. Bus. Inform. Systems Engrg. 64(4):501–513.CrossrefGoogle Scholar
  • Asghari H, van Eeten M, Bauer JM (2016) Economics of cybersecurity. Bauer JM, Latzer M, eds. Handbook on the Economics of the Internet (Edward Elgar Publishing, Cheltenham, UK), 11–41.CrossrefGoogle Scholar
  • August T, Niculescu MF, Shin H (2014) Cloud implications on software network structure and security risks. Inform. Systems Res. 25(3):489–510.LinkGoogle Scholar
  • Battaglini M, Harstad B (2016) Participation and duration of environmental agreements. J. Political Econom. 124(1):160–204.CrossrefGoogle Scholar
  • Benveniste LM, Scheinkman JA (1979) On the differentiability of the value function in dynamic models of economics. Econometrica 47(3):727–732.CrossrefGoogle Scholar
  • Bernheim BD, Peleg B, Whinston MD (1987) Coalition-proof Nash equilibria. I. Concepts. J. Econom. Theory 42(1):1–12.CrossrefGoogle Scholar
  • Blackwell D (1965) Discounted dynamic programming. Ann. Math. Statist. 36(1):226–235.CrossrefGoogle Scholar
  • Blumenthal MS (2011) Is security lost in the clouds? Comm. Strategies 1(81):69–86.Google Scholar
  • Cansever D (2020) Security games with insider threats. Zhu Q, Baras JS, Poovendran R, Chen J, eds. Internat. Conf. Decision Game Theory Security (Springer, Berlin, Heidelberg), 502–505.Google Scholar
  • Cavusoglu H, Raghunathan S, Yue WT (2014) Decision-theoretic and game-theoretic approaches to IT security investment. J. Management Inform. Systems 25(2):281–304.CrossrefGoogle Scholar
  • Chen Py, Kataria G, Krishnan R (2011) Correlated failures, diversification, and information security risk management. MIS Quart. 35(2):397–422.CrossrefGoogle Scholar
  • Cornes R, Sandler T (1994) The comparative static properties of the impure public good model. J. Public Econom. 54(3):403–421.CrossrefGoogle Scholar
  • Crowdstrike (2023) 2023 Cloud risk report. Technical report, Crowdstrike, Austin, TX.Google Scholar
  • Dechert WD (1997) Non cooperative dynamic games: A control theoretic approach. Working paper, University of Houston, Houston.Google Scholar
  • Dutta A, Sanyal P (2023) Examining the effects of virtual work on cybersecurity behavior. SAIS 2023 Proc. 21 (AIS Electronic Library, Atlanta).Google Scholar
  • Eaton B (2002) Applied Microeconomic Theory: Selected Essays of B. Curtis Eaton (Edward Elgar Publishing, Cheltenham, UK).CrossrefGoogle Scholar
  • Fedele A, Roner C (2022) Dangerous games: A literature review on cybersecurity investments. J. Econom. Surveys 36(1):157–187.CrossrefGoogle Scholar
  • Florêncio D, Herley C (2013) Where do all the attacks go? Schneier B, ed. Economics of Information Security and Privacy III (Springer, New York), 13–33.CrossrefGoogle Scholar
  • Friedman JW (1976) Oligopoly and the Theory of Games, vol. 8 (North-Holland, Amsterdam).Google Scholar
  • Garcia A, Sun Y, Shen J (2014) Dynamic platform competition with malicious users. Dynam. Games Appl. 4(3):290–308.CrossrefGoogle Scholar
  • Gariba ZP, Van Der Poll JA (2017) Security failure trends of cloud computing. 2017 IEEE 3rd Internat. Conf. Collaboration Internet Comput. (CIC) (IEEE, Piscataway, NJ), 247–256.Google Scholar
  • Geer D, Jardine E, Leverett E (2020) On market concentration and cybersecurity risk. J. Cyber Policy 5(1):9–29.CrossrefGoogle Scholar
  • Gordon LA, Loeb MP (2002) The economics of information security investment. ACM Trans. Inform. System Security 5(4):438–457.CrossrefGoogle Scholar
  • Harrison GW, Hirshleifer J (1989) An experimental evaluation of weakest link/best shot models of public goods. J. Political Econom. 97(1):201–225.CrossrefGoogle Scholar
  • Harstad B (2012) Climate contracts: A game of emissions, investments, negotiations, and renegotiations. Rev. Econom. Stud. 79(4):1527–1557.CrossrefGoogle Scholar
  • Haurie A, Krawczyk JB, Zaccour G (2012) Games and Dynamic Games, vol. 1 (World Scientific Publishing, Singapore).CrossrefGoogle Scholar
  • Hausken K (2002) Probabilistic risk analysis and game theory. Risk Anal. 22(1):17–27.CrossrefGoogle Scholar
  • Hedlund J (2000) Risky business: Safety regulations, risk compensation, and individual behavior. Injury Prevention 6(2):82–89.CrossrefGoogle Scholar
  • Heitzenrater C, Simpson A (2016a) A case for the economics of secure software development. Gates C, Bohme R, Egelman S, Mannan M, eds. Proc. 2016 New Security Paradigms Workshop (ACM, New York), 26–29.Google Scholar
  • Heitzenrater C, Simpson A (2016b) Software security investment: The right amount of a good thing. 2016 IEEE Cybersecurity Development (SecDev) (IEEE, Piscataway, NJ), 53–59.Google Scholar
  • Hirshleifer J (1983) From weakest-link to best-shot: The voluntary provision of public goods. Public Choice 41(3):371–386.CrossrefGoogle Scholar
  • Howard R (2023) Cybersecurity First Principles: A Reboot of Strategy and Tactics (John Wiley & Sons, Hoboken, NJ).Google Scholar
  • Hubbard DW, Seiersen R (2023) How to Measure Anything in Cybersecurity Risk (John Wiley & Sons, Hoboken, NJ).CrossrefGoogle Scholar
  • IBM (2023) Cost of a data breach. Technical report, IBM Security, Armonk, NY.Google Scholar
  • Josa-Fombellida R, Rincón-Zapatero JP (2008) Markov perfect Nash equilibrium in stochastic differential games as solution of a generalized Euler equations system. Universidad Carlos III de Madrid Working Paper 08-67 Series 31, Calle Madrid, Getafe, Spain.Google Scholar
  • Kahn CM, Mookherjee D (1992) The good, the bad, and the ugly: Coalition proof equilibrium in infinite games. Games Econom. Behav. 4(1):101–121.CrossrefGoogle Scholar
  • Lee RS (2014) Competing platforms. J. Econom. Management Strategy 23(3):507–526.CrossrefGoogle Scholar
  • Lookabaugh T, Sicker DC (2004) Security and lock-in. Camp LJ, Lewis S, eds. Economics of Information Security, Advances in Information Security, vol. 12 (Springer, Boston), 225–246.CrossrefGoogle Scholar
  • McKay A, Nakamura E, Steinsson J (2017) The discounted Euler equation: A note. Economica 84(336):820–831.CrossrefGoogle Scholar
  • Neuhaus S, Plattner B (2013) Software security economics: Theory, in practice. Böhme R, ed. The Economics of Information Security and Privacy (Springer, Berlin), 75–92.CrossrefGoogle Scholar
  • O’Donnell AJ (2008) When malware attacks (anything but windows). IEEE Security Privacy 6(3):68–70.CrossrefGoogle Scholar
  • Olson M (1965) The Logic of Collective Action: Public Goods and the Theory of Groups, vol. 124 (Harvard University Press, Cambridge, MA).CrossrefGoogle Scholar
  • Opara-Martins J, Sahandi R, Tian F (2014) Critical review of vendor lock-in and its impact on adoption of cloud computing. Shoniregun CA, ed. Internat. Conf. Inform. Soc. (i-Society 2014) (IEEE, Piscataway, NJ), 92–97.Google Scholar
  • Opara-Martins J, Sahandi R, Tian F (2016) Critical analysis of vendor lock-in and its impact on cloud computing migration: A business perspective. J. Cloud Comput. 5(1):1–18.CrossrefGoogle Scholar
  • Ostrom E (1990) Governing the Commons: The Evolution of Institutions for Collective Action (Cambridge University Press, Cambridge, UK).CrossrefGoogle Scholar
  • Palo Alto Networks (2023) Unit 42 attack surface threat report. Technical report, Palo Alto Networks, Santa Clara, CA.Google Scholar
  • Ponemon Institute (2014) Data breach: The cloud multiplier effect. Technical report, Ponemon Institute, Traverse City, MI.Google Scholar
  • Safi R, Browne GJ (2023) Detecting cybersecurity threats: The role of the recency and risk compensating effects. Inform. Systems Frontiers 25(3):1277–1292.CrossrefGoogle Scholar
  • Samuelson PA (1954) The pure theory of public expenditure. Rev. Econom. Statist. 36(4):387–389.CrossrefGoogle Scholar
  • Sandler T, Arce D (2001) Transnational public goods: Strategies and institutions. Eur. J. Political Econom. 17(3):493–516.CrossrefGoogle Scholar
  • Sen R, Verma A, Heim GR (2020) Impact of cyberattacks by malicious hackers on the competition in software markets. J. Management Inform. Systems 37(1):191–216.CrossrefGoogle Scholar
  • Shapiro C, Varian HR (1998) Information Rules: A Strategic Guide to the Network Economy (Harvard Business Press, Boston).Google Scholar
  • Stoneburner G, Goguen A, Feringa A (2002) Risk management guide for information technology systems. NIST Special Publication Report No. 800-30, NIST, Gaithersburg, MD.Google Scholar
  • Tajalizadehkhoob S, Van Goethem T, Korczyński M, Noroozian A, Böhme R, Moore T, Joosen W, van Eeten M (2017) Herding vulnerable cats: A statistical approach to disentangle joint responsibility for web security in shared hosting. Proc. 2017 ACM SIGSAC Conf. Comput. Comm. Security (Special Interest Group on Security, Audit and Control (SIGSAC), Dallas, TX), 553–567.Google Scholar
  • Tianfield H (2012) Security issues in cloud computing. Wang J, Millán JdR, Choi S, eds. 2012 IEEE Internat. Conf. Systems Man Cybernetics (SMC) (IEEE, Piscataway, NJ), 1082–1089.Google Scholar
  • Tilley A, McMillan R (2022) Microsoft’s new security chief says it is time to take shelter in the cloud. Wall Street J. (February 23), B1.Google Scholar
  • Torkura KA, Sukmana MI, Cheng F, Meinel C (2021) Continuous auditing and threat detection in multi-cloud infrastructure. Comput. Security 102:102124.CrossrefGoogle Scholar
  • Varian HR (2004a) Competition and market power. Varian HR, Farrell J, Shapiro C, eds. The Economics of Information Technology: An Introduction, Raffaele Mattioli Lectures (Cambridge University Press, Cambridge, UK), 1–48.CrossrefGoogle Scholar
  • Varian HR (2004b) System reliability and free riding. Camp LJ, Lewis S, eds. Economics of Information Security, Advances in Information Security, vol. 12 (Springer, Boston), 1–15.CrossrefGoogle Scholar
  • Vasek M, Wadleigh J, Moore T (2015) Hacking is not random: A case-control study of webserver-compromise risk. IEEE Trans. Dependable Secure Comput. 13(2):206–219.CrossrefGoogle Scholar
  • Wilms K, Stieglitz S, Mäller B (2018) Feeling safe on a fluffy cloud: How cloud security and commitment affect users switching intention. Proc. Thirty Ninth Conf. Inform. Systems (ICIS, San Francisco).Google Scholar
  • Wiz (2023) 2023 state of the cloud. Technical report, Wiz, New York.Google Scholar
  • Zhang Z, Nan G, Tan Y (2020) Cloud services vs. on-premises software: Competition under security risk and product customization. Inform. Systems Res. 31(3):848–864.LinkGoogle Scholar
Previous
Back to Top
Next
INFORMS site uses cookies to store information on your computer. Some are essential to make our site work; Others help us improve the user experience. By using this site, you consent to the placement of these cookies. Please read our Privacy Statement to learn more.
Agree