Emergence of Economics of Security
National security is the canonical public good. The economic status of information security came to the intellectual fore around 2000. As is the case with innovations it arose simultaneously in multiple venues.
In 2000, Ross Anderson wrote, Why Computer Security is Hard. Anderson explained that a significant difficulty in optimal development of security technology is that incentives must be aligned with the technology to enable rational adoption. Thus, economic insights should be integrated into technical design. A security technology should enable the party at risk to invest to limit that risk. Otherwise, the designers are simply counting on altruism for adoption and diffusion. Many consider this publication the birth of economics of security.
Also in 2000 at Harvard, Camp at the School of Government and Wolfram in the Department of Economics argued that security is not a public good but rather each extant vulnerabilities has an associated negative externality value. Vulnerabilities were defined in this work as tradable goods. Six years later, iDEFENSE, ZDI and Mozilla have extant markets for vulnerabilities.
In 2000, the scientists at the Computer Emergency Response Team at Carnegie Mellon University proposed an early mechanism for risk assessment. The Hierarchical Holographic Model provided the first multi-faceted evaluation tool to guide security investments using the science of risk. Since that time, CERT has developed a suite of systematic mechanism for organizations to use in risk evaluations, depending on the size and expertise of the organization: OCTAVE. The study of computer security as an investment in risk avoidance has become standard practice.
In 2001 in an unrelated development, Larry Gordon and Marty Leob published A framework on using information security as a response to competitor analysis systems. These professor of Maryland's Smith School of Business examined the strategic use of security information from a classical business perspective.
The authors came together to develop and expand a series of flagship events under the name Worksop on the Economics of Information Security.
Read more about this topic: Economics Of Security
Famous quotes containing the words emergence of, emergence, economics and/or security:
“Much more frequent in Hollywood than the emergence of Cinderella is her sudden vanishing. At our party, even in those glowing days, the clock was always striking twelve for someone at the height of greatness; and there was never a prince to fetch her back to the happy scene.”
—Ben Hecht (1893–1964)
“Our policy is directed not against any country or doctrine, but against hunger, poverty, desperation and chaos. Its purpose should be the revival of a working economy in the world so as to permit the emergence of political and social conditions in which free institutions can exist.”
—George Marshall (1880–1959)
“There is no such thing as a free lunch.”
—Anonymous.
An axiom from economics popular in the 1960s, the words have no known source, though have been dated to the 1840s, when they were used in saloons where snacks were offered to customers. Ascribed to an Italian immigrant outside Grand Central Station, New York, in Alistair Cooke’s America (epilogue, 1973)
“If we could have any security against moods! If the profoundest prophet could be holden to his words, and the hearer who is ready to sell all and join the crusade, could have any certificate that to-morrow his prophet shall not unsay his testimony!”
—Ralph Waldo Emerson (1803–1882)