IDEAS home Printed from https://ideas.repec.org/a/eee/chsofr/v200y2025ip2s0960077925010537.html

The impact of cyber-attacks on cybersecurity investment game model

Author

Listed:
  • Moussa, Fatima Zahra
  • Zine-Dine, Khalid

Abstract

The increasing complexity and frequency of cyberattacks present significant challenges for organizations, emphasizing the need for strategic cybersecurity investments. Given the interdependent nature of cybersecurity, collaborative investment strategies enable organizations to pool resources and enhance collective resilience. This paper introduces a game-theoretic model based on a public goods framework to examine cooperative cybersecurity investments under varying levels of cyberattack risk. The model captures the decision-making process of multiple agents (e.g., firms, organizations, or individuals) as they determine whether and how much to invest in shared cybersecurity defense. A key feature of our approach is the incorporation of cyberattack risk as a determinant of cooperation, reflecting real-world uncertainty in cyber threat severity and likelihood. We also examine how network topology shapes both cybersecurity investment decisions and vulnerability to attacks. Our analysis identifies the conditions that promote cooperation, the factors that influence investment levels, and how risk perception and network structure together affect strategic choices. Our findings provide insights into effective cybersecurity investment strategies in interdependent security environments.

Suggested Citation

  • Moussa, Fatima Zahra & Zine-Dine, Khalid, 2025. "The impact of cyber-attacks on cybersecurity investment game model," Chaos, Solitons & Fractals, Elsevier, vol. 200(P2).
    • Handle: RePEc:eee:chsofr:v:200:y:2025:i:p2:s0960077925010537
    DOI: 10.1016/j.chaos.2025.117040
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0960077925010537
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.chaos.2025.117040?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to

    for a different version of it.

    References listed on IDEAS

    as
    1. Hunt, Kyle & Zhuang, Jun, 2024. "A review of attacker-defender games: Current state and paths forward," European Journal of Operational Research, Elsevier, vol. 313(2), pages 401-417.
    2. Wang, Zhen & Li, Chaofan & Jin, Xing & Ding, Hong & Cui, Guanghai & Yu, Lanping, 2021. "Evolutionary dynamics of the interdependent security games on complex network," Applied Mathematics and Computation, Elsevier, vol. 399(C).
    3. Mazaher Kianpour & Stewart J. Kowalski & Harald Øverby, 2021. "Systematically Understanding Cybersecurity Economics: A Survey," Sustainability, MDPI, vol. 13(24), pages 1-28, December.
    4. Lee, In, 2021. "Cybersecurity: Risk management framework and investment cost analysis," Business Horizons, Elsevier, vol. 64(5), pages 659-671.
    5. Wing Fung Chong & Runhuan Feng & Hins Hu & Linfeng Zhang, 2022. "Cyber Risk Assessment for Capital Management," Papers 2205.08435, arXiv.org, revised Jan 2025.
    6. Wing Fung Chong & Runhuan Feng & Hins Hu & Linfeng Zhang, 2025. "Cyber risk assessment for capital management," Journal of Risk & Insurance, The American Risk and Insurance Association, vol. 92(2), pages 424-471, June.
    7. Charles A. Holt & Ricky Sahu & Angela M. Smith, 2022. "An experimental analysis of risk effects in attacker‐defender games," Southern Economic Journal, John Wiley & Sons, vol. 89(1), pages 185-215, July.
    8. Colin Benjamin & Shubhayan Sarkar, 2018. "Triggers for cooperative behavior in the thermodynamic limit: a case study in Public goods game," Papers 1804.06465, arXiv.org, revised Apr 2019.
    9. Nagurney, Anna & Shukla, Shivani, 2017. "Multifirm models of cybersecurity investment competition vs. cooperation and network vulnerability," European Journal of Operational Research, Elsevier, vol. 260(2), pages 588-600.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Kaur, Harpreet & Gupta, Mahima & Singh, Surya Prakash, 2024. "Integrated model to optimize supplier selection and investments for cyber resilience in digital supply chains," International Journal of Production Economics, Elsevier, vol. 275(C).
    2. Tang, Rui & Li, Mingyu, 2026. "Cybersecurity and corporate resilience –a study based on listed companies in China," Technology in Society, Elsevier, vol. 84(C).
    3. Radoslaw Miskiewicz, 2022. "Clean and Affordable Energy within Sustainable Development Goals: The Role of Governance Digitalization," Energies, MDPI, vol. 15(24), pages 1-17, December.
    4. Li, Qing & Yu, Guodong & Zhao, Peixin & Meng, Qingchun, 2025. "Strengthening and protecting hubs against sequential unintentional and intentional disruptions considering decision-dependent uncertainty," Reliability Engineering and System Safety, Elsevier, vol. 264(PA).
    5. Suyuan Luo & Tsan‐Ming Choi, 2022. "E‐commerce supply chains with considerations of cyber‐security: Should governments play a role?," Production and Operations Management, Production and Operations Management Society, vol. 31(5), pages 2107-2126, May.
    6. Agbodoh-Falschau, Kouassi Raymond & Ravaonorohanta, Bako Harinivo, 2023. "Investigating the influence of governance determinants on reporting cybersecurity incidents to police: Evidence from Canadian organizations’ perspectives," Technology in Society, Elsevier, vol. 74(C).
    7. Slapničar, Sergeja & Axelsen, Micheal & Bongiovanni, Ivano & Stockdale, David, 2023. "A pathway model to five lines of accountability in cybersecurity governance," International Journal of Accounting Information Systems, Elsevier, vol. 51(C).
    8. Hausken, Kjell, 2024. "Fifty Years of Operations Research in Defense," European Journal of Operational Research, Elsevier, vol. 318(2), pages 355-368.
    9. Guizhou Wang & Jonathan W. Welburn & Kjell Hausken, 2020. "A Two-Period Game Theoretic Model of Zero-Day Attacks with Stockpiling," Games, MDPI, vol. 11(4), pages 1-26, December.
    10. Rice, John & Martin, Nigel, 2026. "Managing cybersecurity risks in Small businesses: A simulation-based decision framework," Technological Forecasting and Social Change, Elsevier, vol. 223(C).
    11. Chan, Chi Kin & Zhou, Yan & Wong, Kar Hung, 2018. "A dynamic equilibrium model of the oligopolistic closed-loop supply chain network under uncertain and time-dependent demands," Transportation Research Part E: Logistics and Transportation Review, Elsevier, vol. 118(C), pages 325-354.
    12. Zibin Cui & Chengming Du & You Zhao & Rui Hou & Zhonghui Ding, 2025. "A bane or a boon? impacts of IoT cyber-defense improvement in e-commerce channel," Operations Management Research, Springer, vol. 18(2), pages 668-690, June.
    13. Brho, Mazen & Jazairy, Amer & Glassburner, Aaron V., 2025. "The finance of cybersecurity: Quantitative modeling of investment decisions and net present value," International Journal of Production Economics, Elsevier, vol. 279(C).
    14. Kjell Hausken & Jonathan W. Welburn, 2021. "Attack and Defense Strategies in Cyber War Involving Production and Stockpiling of Zero-Day Cyber Exploits," Information Systems Frontiers, Springer, vol. 23(6), pages 1609-1620, December.
    15. Li, Jianbin & Luo, Xiaomeng & Wang, Qifei & Zhou, Weihua, 2021. "Supply chain coordination through capacity reservation contract and quantity flexibility contract," Omega, Elsevier, vol. 99(C).
    16. Henock Mulugeta Melaku, 2023. "Context-Based and Adaptive Cybersecurity Risk Management Framework," Risks, MDPI, vol. 11(6), pages 1-22, May.
    17. Azhar Iqbal & Ishan Honhaga & Eyoel Teffera & Anthony Perry & Robin Baker & Glen Pearce & Claudia Szabo, 2024. "Vulnerability and Defence: A Case for Stackelberg Game Dynamics," Games, MDPI, vol. 15(5), pages 1-13, September.
    18. Eling, Martin & Wirfs, Jan, 2019. "What are the actual costs of cyber risk events?," European Journal of Operational Research, Elsevier, vol. 272(3), pages 1109-1119.
    19. Paul, Jomon A. & Zhang, Minjiao, 2021. "Decision support model for cybersecurity risk planning: A two-stage stochastic programming framework featuring firms, government, and attacker," European Journal of Operational Research, Elsevier, vol. 291(1), pages 349-364.
    20. Ben Kejwang, 2022. "Effect of cybersecurity risk management practices on performance of insurance sector: A review of literature," International Journal of Research in Business and Social Science (2147-4478), Center for the Strategic Studies in Business and Finance, vol. 11(6), pages 334-340, September.

    More about this item

    Keywords

    ;
    ;
    ;
    ;
    ;
    ;
    ;
    ;

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:chsofr:v:200:y:2025:i:p2:s0960077925010537. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Thayer, Thomas R. (email available below). General contact details of provider: https://www.journals.elsevier.com/chaos-solitons-and-fractals .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.