A Strategic Model of Cybersecurity with Multiple Agents and Actions Jomon A. Paul and Abhra Roy
Coles Research Symposium on Homeland Security Special Issue, SIFALL21-03, October 2021
Overview We analyze a model of cybersecurity involving two firms and two strategic attackers by employing a location choice framework embedded in a non- cooperative game. The location aspect of the model captures the vertical and horizontal ties of the firms with others in the network. The firms employ three tools to subvert damage from an attack, namely, a) prevention b) detection and containment. The attacker chooses the ‘location’ of the attack and the amount of effort to exert to avoid detection. This setup allows us to capture all possible types of strategic interaction between the players and the tools of cybersecurity and allows us to compare between the various forms of organizing cyber-defense. We find that the administration of cyber-security may be best handled by a central planner over any other forms of organization. Further, we show that firms are better off when they invest in both prevention and detection.
26 | Coles Research Symposium
Made with FlippingBook - Online catalogs