Abstract
Contemporary cyberdefense is too slow, it lacks foresight, and it is often ineffective. This introductory chapter explains these problems and proposes how the contributions in this volume can help to overcome them.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Accenture. (2019). The cost of cybercrime: Ninth annual cost of cybercrime study. Accenture Security with Ponemon Institute LLC, Traverse City MI: Research report.
Anderson, R. J. (2010). Security engineering: A guide to building dependable distributed systems. Wiley.
Anderson, R., & Moore, T. (2006). The economics of information security. Science, 314(5799), 610–613.
Barbaglia, L., Frattarolo, L., Onorante, L., Maria Pericoli, F., Ratto, M., & Tiozzo Pezzoli, L. (2022). Testing big data in a big crisis: Nowcasting under Covid-19. International Journal of Forecasting, forthcoming.
Baron, J., & Ritov, I. (2004). Omission bias, individual differences, and normality. Organizational Behavior and Human Decision Processes, 94(2), 74–85.
Beal, B. (2005). IT security: The product vendor landscape. Network Security, 5, 9–10.
Böhme, R. (2013). The economics of information security and privacy. Berlin, Heidelberg: Springer.
Böhme, R. (2012). Security audits revisited. In A. D. Keromytis (Ed.), Financial cryptography and data security (pp. 129–147). Berlin, Heidelberg: Springer.
Böhme, R., & Félegyházi, M. (2010). Optimal information security investment with penetration testing. In T. Alpcan, L. Buttyan, & J. S. Baras (Eds.), Decision and game theory for security (pp. 21–37). Berlin, Heidelberg: Springer.
Campbell, K., Gordon, L. A., Loeb, M. P., & Zhou, L. (2003). The economic cost of publicly announced information security breaches: Empirical evidence from the stock market. Journal of Computer Security, 11(3), 431–448.
Cresson Wood, C. (2004). Why information security is now multidisciplinary, multi-departmental, and multi-organizational in nature. Computer Fraud & Security, 2004(1), 16–17.
Falco, G., et al. (2019). Cyber risk research impeded by disciplinary barriers. Science, 366(6469), 1066–1069.
Gordon, L. A., Loeb, M. P., Lucyshyn, W., & Zhou, L. (2015). Externalities and the magnitude of cyber security underinvestment by private sector firms: A modification of the Gordon-Loeb model. Journal of Information Security, 6(1), 24–30.
Gordon, L. A., Loeb, M. P., & Sohail, T. (2010). Market value of voluntary disclosures concerning information security. MIS Quarterly, 34(3), 567–594.
Gordon, L. A., Loeb, M. P., Lucyshin, W., & Richardson, R. (2005). CSI/FBI computer crime and security survey. Computer Security Journal, 21(3), 1.
Herath, H., & Herath, T. (2008). Investments in information security: A real options perspective With Bayesian post-audit. Journal of Management Information Systems, 25(3), 337–375.
Hunter, L. Y., Albert, C. D., & Garrett, E. (2021). Factors that motivate state-sponsored cyberattacks. The Cyber Defense Review, 6(2), 111–128.
IBM. (2020). Cost of a data breach report. (2020). IBM Security. Armonk NY: IBM Corp.
Islam, M. S., Farah, N., & Stafford, T. F. (2018). Factors associated with security/cybersecurity audit by internal audit function: An international study. Managerial Auditing Journal, 33(4), 377–409.
Kam, H. J., Mattson, T., & Goel, S. (2020). A cross industry study of institutional pressures on organizational effort to raise information security awareness. Information Systems Frontiers, 22(5), 1241–1264.
Keupp, M. M. (2020). The security of critical infrastructures (pp. 1–14). Cham: Springer Nature.
Lelarge, M. (2012). Coordination in network security games: A monotone comparative statics approach. IEEE Journal on Selected Areas in Communications, 30(11), 2210–2219.
Lindsay, J. R. (2013). Stuxnet and the limits of cyber warfare. Security Studies, 22(3), 365–404.
Macias, P., Stelmasiak, D., & Szafranek, K. (2022). Nowcasting food inflation with a massive amount of online prices. International Journal of Forecasting, forthcoming.
Malladi, S., & Subramanian, H. C. (2020). Bug bounty programs for cybersecurity: Practices, issues, and recommendations. IEEE Software, 37(1), 31–39.
NCSC. (2018). Foreign economic espionage in cyberspace. U.S. National Counterintelligence and Security Center, Washington D.C.: Office of the Director of National Intelligence.
OECD. (2012). Cybersecurity policy making at a turning point: Analysing a new generation of national cybersecurity strategies for the internet economy. Paris: OECD Publishing.
Ohlin, J. D. (2016). Did Russian cyber interference in the 2016 election violate international law? Texas Law Review, 95, 1579.
Osawa, J. (2017). The escalation of state sponsored cyberattack and national cyber security affairs: Is strategic cyber deterrence the key to solving the problem? Asia-Pacific Review, 24(2), 113–131.
Patt, A., & Zeckhauser, R. (2000). Action bias and environmental decisions. Journal of Risk and Uncertainty, 21(1), 45–72.
Pliatsos, D., Sarigiannidis, S., Lagkas, T., & Sarigiannidis, A. (2020). A survey on SCADA systems: Secure protocols, incidents, threats and tactics. IEEE Communications Surveys and Tutorials, 22(3), 1942–1976.
Purser, S. A. (2004). Improving the ROI of the security management process. Computers & Security, 23(7), 542–546.
Schatz, D., & Bashroush, R. (2017). Economic valuation for information security investment: A systematic literature review. Information Systems Frontiers, 19(5), 1205–1228.
Shirtz, D., & Elovici, Y. (2011). Optimizing investment decisions in selecting information security remedies. Information Management & Computer Security, 19(2), 95–112.
Smith, T., Higgs, J., & Pinsker, R. (2019). Do auditors price breach risk in their audit fees? Journal of Information Systems, 33(2), 177–204.
Soomro, Z. A., Shah, M. H., & Ahmed, J. (2016). Information security management needs more holistic approach: A literature review. International Journal of Information Management, 36(2), 215–225.
Srivastava, S. K., Das, S., Udo, G. J., & Bagchi, K. (2020). Determinants of cybercrime originating within a nation: A cross-country study. Journal of Global Information Technology Management, 23(2), 112–137.
Tselios, C., Tsolis, G., & Athanatos, M., et al. (2020). A comprehensive technical survey of contemporary cybersecurity products and solutions. Springer lecture notes in computer scienceIn A. P. Fournaris (Ed.), Computer security (Vol. 11981, pp. 3–18). Cham: Springer International Publishing.
Wirth, A. (2019). Reviewing today’s cyberthreat landscape. Biomedical Instrumentation & Technology, 53(3), 227–231.
Yeh, Q. J., & Chang, A. J. (2007). Threats and countermeasures for information system security: A cross-industry study. Information & Management, 44(5), 480–491.
Zhou, L., Loeb, M. P., Gordon, L. A., & Lucyshyn, W. (2018). Empirical evidence on the determinants of cybersecurity investments in private sector firms. Journal of Information Security, 9(2), 720–726.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Keupp, M.M. (2023). Introduction and Overview. In: Keupp, M.M. (eds) Cyberdefense. International Series in Operations Research & Management Science, vol 342. Springer, Cham. https://doi.org/10.1007/978-3-031-30191-9_1
Download citation
DOI: https://doi.org/10.1007/978-3-031-30191-9_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-30190-2
Online ISBN: 978-3-031-30191-9
eBook Packages: Business and ManagementBusiness and Management (R0)