Incentives in cybersecurity

Topics: Economics, Risk management

As evidenced in the last 10-15 years, cybersecurity is not a purely technical discipline. Decision-makers, whether sitting at security providers (IT companies), security demanders (everyone using IT) or the security industry, are mostly driven by economic incentives. Understanding these incentives are vital for designing systems that are secure in real-life scenarios [1].

The prospective student will identify a cybersecurity economics problem in the domain of risk management, cyber-warfare or sharing security-related information. The student will use elements of game theory and other domain-specific techniques and software tools to transform the problem into a model and to propose a solution.
Required skills: analytic thinking, good command of English
Preferred skills: basic knowledge of game theory, basic programming skills (e.g., python, matlab, NetLogo)
[1] Anderson, Ross, and Moore, Tyler. "The Economics of Information Security." Science 314.5799 (2006): 610-613.

Maximum number of students: 2 students

Contact: Gergely Biczók (CrySyS Lab)