A game-theoretic analysis of information sharing and security investment for complementary firms
- 68 Downloads
This paper investigates information sharing and security investments by two firms provided that their information assets are complementary in the sense that their combined information assets are of significant value, whereas the information asset of a single firm is no value to an attacker. In particular, assuming that each firm chooses its security investment and information sharing individually, we obtain some insights about the optimal choices for the firms and the attacker, which form sharp comparisons with those derived from common (substitutive) firms. We further analyse the effect of a social planner on social total costs by assuming that it can control security investments, information sharing and both of them respectively. We demonstrate that an increase in intervention by the social planner may not necessarily be preferable.
Keywordscomplementary firm contest success function security investment information sharing interdependence leakage cost
We would like to thank anonymous referees for constructive comments and suggestions that helped substantially improve the presentation of this manuscript. Financial supports from the National Natural Science Foundation of China (71071033) and the National Pillar Program of China (2012BAH29F01) are gratefully acknowledged.
- Fudenberg D and Tirole J (1993). Game Theory. MIT Press: Cambridge.Google Scholar
- Gao X, Zhong W and Mei S (2013b). Security investment and information sharing under an alternative security breach probability function. Information Systems Frontiers, advance online publication 23 February, doi:10.1007/s10796-013-9411-3.Google Scholar
- Hausken K and Zhuang J (2011). Defending against a stockpiling terrorist. The Engineering Economist 56 (4): 321–353.Google Scholar