IDEAS home Printed from https://ideas.repec.org/a/spr/infosf/v16y2014i4d10.1007_s10796-012-9373-x.html
   My bibliography  Save this article

Dynamic competition in IT security: A differential games approach

Author

Listed:
  • Tridib Bandyopadhyay

    (Kennesaw State University)

  • Dengpan Liu

    (Iowa State University)

  • Vijay S. Mookerjee

    (The University of Texas at Dallas)

  • Allen W. Wilhite

    (University of Alabama at Huntsville)

Abstract

Hackers evaluate potential targets to identify poorly defended firms to attack, creating competition in IT security between firms that possess similar information assets. We utilize a differential game framework to analyze the continuous time IT security investment decisions of firms in such a target group. We derive the steady state equilibrium of the duopolistic differential game, show how implicit competition induces overspending in IT defense, and then demonstrate how such overinvestment can be combated by innovatively managing the otherwise misaligned incentives for coordination. We show that in order to achieve cooperation, the firm with the higher asset value must take the lead and provide appropriate incentives to elicit participation of the other firm. Our analysis indicates that IT security planning should not remain an internal, firm-level decision, but also incorporate the actions of those firms that hackers consider as alternative targets.

Suggested Citation

  • Tridib Bandyopadhyay & Dengpan Liu & Vijay S. Mookerjee & Allen W. Wilhite, 2014. "Dynamic competition in IT security: A differential games approach," Information Systems Frontiers, Springer, vol. 16(4), pages 643-661, September.
  • Handle: RePEc:spr:infosf:v:16:y:2014:i:4:d:10.1007_s10796-012-9373-x
    DOI: 10.1007/s10796-012-9373-x
    as

    Download full text from publisher

    File URL: http://link.springer.com/10.1007/s10796-012-9373-x
    File Function: Abstract
    Download Restriction: Access to the full text of the articles in this series is restricted.

    File URL: https://libkey.io/10.1007/s10796-012-9373-x?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Gary M. Erickson, 1992. "Empirical Analysis of Closed-Loop Duopoly Advertising Strategies," Management Science, INFORMS, vol. 38(12), pages 1732-1749, December.
    2. Hausken, Kjell, 2006. "Income, interdependence, and substitution effects affecting incentives for security investment," Journal of Accounting and Public Policy, Elsevier, vol. 25(6), pages 629-665.
    3. Gary M. Erickson, 1997. "Note: Dynamic Conjectural Variations in a Lanchester Oligopoly," Management Science, INFORMS, vol. 43(11), pages 1603-1608, November.
    4. Kunreuther, Howard & Heal, Geoffrey, 2003. "Interdependent Security," Journal of Risk and Uncertainty, Springer, vol. 26(2-3), pages 231-249, March-May.
    5. Gustav Feichtinger & Richard F. Hartl & Suresh P. Sethi, 1994. "Dynamic Optimal Control Models in Advertising: Recent Developments," Management Science, INFORMS, vol. 40(2), pages 195-226, February.
    6. Erickson, Gary M., 1995. "Differential game models of advertising competition," European Journal of Operational Research, Elsevier, vol. 83(3), pages 431-438, June.
    7. Huseyin Cavusoglu & Birendra Mishra & Srinivasan Raghunathan, 2005. "The Value of Intrusion Detection Systems in Information Technology Security Architecture," Information Systems Research, INFORMS, vol. 16(1), pages 28-46, March.
    8. Dockner,Engelbert J. & Jorgensen,Steffen & Long,Ngo Van & Sorger,Gerhard, 2000. "Differential Games in Economics and Management Science," Cambridge Books, Cambridge University Press, number 9780521637329, September.
    9. Hausken, Kjell, 2007. "Information sharing among firms and cyber attacks," Journal of Accounting and Public Policy, Elsevier, vol. 26(6), pages 639-688.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Xing Gao & Weijun Zhong, 2015. "Information security investment for competitive firms with hacker behavior and security requirements," Annals of Operations Research, Springer, vol. 235(1), pages 277-300, December.
    2. Zenan Zhou & Xiang Wan, 2022. "Does the Sharing Economy Technology Disrupt Incumbents? Exploring the Influences of Mobile Digital Freight Matching Platforms on Road Freight Logistics Firms," Production and Operations Management, Production and Operations Management Society, vol. 31(1), pages 117-137, January.
    3. Xiaotong Li & Qianyao Xue, 2021. "An economic analysis of information security investment decision making for substitutable enterprises," Managerial and Decision Economics, John Wiley & Sons, Ltd., vol. 42(5), pages 1306-1316, July.
    4. Xing Gao & Weijun Zhong, 2016. "Economic incentives in security information sharing: the effects of market structures," Information Technology and Management, Springer, vol. 17(4), pages 361-377, December.
    5. Xing Gao & Weijun Zhong, 2016. "A differential game approach to security investment and information sharing in a competitive environment," IISE Transactions, Taylor & Francis Journals, vol. 48(6), pages 511-526, June.
    6. S. Rasoul Etesami & Tamer Başar, 2019. "Dynamic Games in Cyber-Physical Security: An Overview," Dynamic Games and Applications, Springer, vol. 9(4), pages 884-913, December.
    7. Yuntao Bai & Qiang Wang & Yueling Yang, 2022. "From Pollution Control Cooperation of Lancang-Mekong River to “Two Mountains Theory”," Sustainability, MDPI, vol. 14(4), pages 1-24, February.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Xing Gao & Weijun Zhong & Shue Mei, 2013. "Information Security Investment When Hackers Disseminate Knowledge," Decision Analysis, INFORMS, vol. 10(4), pages 352-368, December.
    2. Xing Gao & Weijun Zhong & Shue Mei, 2015. "Security investment and information sharing under an alternative security breach probability function," Information Systems Frontiers, Springer, vol. 17(2), pages 423-438, April.
    3. Pietro De Giovanni, 2019. "Digital Supply Chain through Dynamic Inventory and Smart Contracts," Mathematics, MDPI, vol. 7(12), pages 1-25, December.
    4. Huang, Jian & Leng, Mingming & Liang, Liping, 2012. "Recent developments in dynamic advertising research," European Journal of Operational Research, Elsevier, vol. 220(3), pages 591-609.
    5. Kjell Hausken, 2017. "Security Investment, Hacking, and Information Sharing between Firms and between Hackers," Games, MDPI, vol. 8(2), pages 1-23, May.
    6. Richards, Timothy J., 2002. "Dynamic Strategic Interaction: A Synthesis Of Modeling Methods," Western Economics Forum, Western Agricultural Economics Association, vol. 1(1), pages 1-5.
    7. Monahan, George E. & Sobel, Matthew J., 1997. "Risk-Sensitive Dynamic Market Share Attraction Games," Games and Economic Behavior, Elsevier, vol. 20(2), pages 149-160, August.
    8. Lambertini, Luca & Zaccour, Georges, 2015. "Inverted-U aggregate investment curves in a dynamic game of advertising," Economics Letters, Elsevier, vol. 132(C), pages 34-38.
    9. Gao, Xing & Zhong, Weijun & Mei, Shue, 2013. "A game-theory approach to configuration of detection software with decision errors," Reliability Engineering and System Safety, Elsevier, vol. 119(C), pages 35-43.
    10. Wang, Qinan & Wu, Zhang, 2001. "A duopolistic model of dynamic competitive advertising," European Journal of Operational Research, Elsevier, vol. 128(1), pages 213-226, January.
    11. Hausken, Kjell, 2024. "Fifty Years of Operations Research in Defense," European Journal of Operational Research, Elsevier, vol. 318(2), pages 355-368.
    12. Kjell Hausken, 2018. "Proactivity and Retroactivity of Firms and Information Sharing of Hackers," International Game Theory Review (IGTR), World Scientific Publishing Co. Pte. Ltd., vol. 20(01), pages 1-30, March.
    13. Amir, Rabah & Machowska, Dominika & Troege, Michael, 2021. "Advertising patterns in a dynamic oligopolistic growing market with decay," Journal of Economic Dynamics and Control, Elsevier, vol. 131(C).
    14. Matthew Spiegel & Heather Tookes, 2008. "Dynamic Competition, Innovation and Strategic Financing," Yale School of Management Working Papers amz2500, Yale School of Management.
    15. A. Prasad & S. P. Sethi, 2004. "Competitive Advertising Under Uncertainty: A Stochastic Differential Game Approach," Journal of Optimization Theory and Applications, Springer, vol. 123(1), pages 163-185, October.
    16. Chenavaz, Régis Y. & Feichtinger, Gustav & Hartl, Richard F. & Kort, Peter M., 2020. "Modeling the impact of product quality on dynamic pricing and advertising policies," European Journal of Operational Research, Elsevier, vol. 284(3), pages 990-1001.
    17. Kjell Hausken, 2017. "Information Sharing Among Cyber Hackers in Successive Attacks," International Game Theory Review (IGTR), World Scientific Publishing Co. Pte. Ltd., vol. 19(02), pages 1-33, June.
    18. Ramla Jarrar & Guiomar Martín-Herrán & Georges Zaccour, 2004. "Markov Perfect Equilibrium Advertising Strategies of Lanchester Duopoly Model: A Technical Note," Management Science, INFORMS, vol. 50(7), pages 995-1000, July.
    19. Richards, Timothy J. & Patterson, Paul M., 2002. "Strategic Interaction With Multiple Tools: A New Empirical Model," Working Papers 28545, Arizona State University, Morrison School of Agribusiness and Resource Management.
    20. Dengpan Liu & Subodha Kumar & Vijay S. Mookerjee, 2012. "Advertising Strategies in Electronic Retailing: A Differential Games Approach," Information Systems Research, INFORMS, vol. 23(3-part-2), pages 903-917, September.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:infosf:v:16:y:2014:i:4:d:10.1007_s10796-012-9373-x. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.