Proper Incentives for Proper IT Security Management – A System Dynamics Approach

dc.contributor.authorGonzalez, Jose J.
dc.contributor.authorTrcek, Denis
dc.date.accessioned2016-12-29T00:57:16Z
dc.date.available2016-12-29T00:57:16Z
dc.date.issued2017-01-04
dc.description.abstractAbstract \ It has been known for many years that security failures are caused at least as often by bad incentives as by bad design. However, the regulatory correction of bad incentives is not easy in practice and it is still lacking. In the meantime, system dynamics models of security systems can improve the situation by increasing the awareness that misaligned incentives can backfire as long-term consequences of security failures hit back the principal. We illustrate our argument using system archetypes and concept simulation models revealing the impact of two different security strategies, viz. misaligned incentives (the customer having the burden of proof in case of alleged fraud) vs the bank having the burden of proof. From this we argue that online system dynamics could be used in eGovernment to educate principals and the public. Also, legal measures could become more effective when supported with forensic evidence from simulation models. \
dc.format.extent10 pages
dc.identifier.doi10.24251/HICSS.2017.289
dc.identifier.isbn978-0-9981331-0-2
dc.identifier.urihttp://hdl.handle.net/10125/41445
dc.language.isoeng
dc.relation.ispartofProceedings of the 50th Hawaii International Conference on System Sciences
dc.rightsAttribution-NonCommercial-NoDerivatives 4.0 International
dc.rights.urihttps://creativecommons.org/licenses/by-nc-nd/4.0/
dc.subjectCybersecurity
dc.subjectEconomics
dc.subjectIncentives
dc.subjectSystem dynamics
dc.titleProper Incentives for Proper IT Security Management – A System Dynamics Approach
dc.typeConference Paper
dc.type.dcmiText

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
paper0296.pdf
Size:
617.33 KB
Format:
Adobe Portable Document Format