Proper Incentives for Proper IT Security Management – A System Dynamics Approach

Date

2017-01-04

Contributor

Advisor

Department

Instructor

Depositor

Speaker

Researcher

Consultant

Interviewer

Narrator

Transcriber

Annotator

Journal Title

Journal ISSN

Volume Title

Publisher

Volume

Number/Issue

Starting Page

Ending Page

Alternative Title

Abstract

Abstract \ It has been known for many years that security failures are caused at least as often by bad incentives as by bad design. However, the regulatory correction of bad incentives is not easy in practice and it is still lacking. In the meantime, system dynamics models of security systems can improve the situation by increasing the awareness that misaligned incentives can backfire as long-term consequences of security failures hit back the principal. We illustrate our argument using system archetypes and concept simulation models revealing the impact of two different security strategies, viz. misaligned incentives (the customer having the burden of proof in case of alleged fraud) vs the bank having the burden of proof. From this we argue that online system dynamics could be used in eGovernment to educate principals and the public. Also, legal measures could become more effective when supported with forensic evidence from simulation models. \

Description

Keywords

Cybersecurity, Economics, Incentives, System dynamics

Citation

Extent

10 pages

Format

Geographic Location

Time Period

Related To

Proceedings of the 50th Hawaii International Conference on System Sciences

Related To (URI)

Table of Contents

Rights

Attribution-NonCommercial-NoDerivatives 4.0 International

Rights Holder

Local Contexts

Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.