Externalities and the Magnitude of Cyber Security Underinvestment by Private Sector Firms: A Modification of the Gordon-Loeb Model

Journals Menu

Follow SCIRP

	+1 323-425-8868
	customer@scirp.org
	+86 18163351462(WhatsApp)
	1655362766

	Paper Publishing WeChat

Journal of Information Security

ISSN Print: 2153-1234
ISSN Online: 2153-1242
www.scirp.org/journal/jis
E-mail: jis@scirp.org

Google-based Impact Factor: 3.79
Citations h5-index & Ranking*

Journals Menu

"Externalities and the Magnitude of Cyber Security Underinvestment by Private Sector Firms: A Modification of the Gordon-Loeb Model"
written by Lawrence A. Gordon, Martin P. Loeb, William Lucyshyn, Lei Zhou,
published by Journal of Information Security, Vol.6 No.1, 2015

has been cited by the following article(s):

Google Scholar
CrossRef

[1]	Dangerous games: A literature review on cybersecurity investments
	Journal of Economic Surveys, 2022

[2]	Expanding the Gordon-Loeb model to cyber-insurance
	Computers & Security, 2022

[3]	Cybersecurity For Defense Economists
	Defence and Peace Economics, 2022

[4]	Unravelling the dynamic complexity of cyber-security: Towards identifying core systemic structures driving cyber-security investment decision-making
	2022

[5]	A study of detection of abnormal network traffic: A comparison of multiple algorithms
	Security and Privacy, 2022

[6]	A proposed Framework for Studying the Impact of Cybersecurity on Accounting Information to Increase Trust in The Financial Reports in the Context of Industry 4.0: An …
	التجارة والتمويل, 2022

[7]	Making Markets for Information Security: The Role of Online Platforms in Bug Bounty Programs
	arXiv preprint arXiv:2204.06905, 2022

[8]	The Economics of Sharing Unclassified Cyber Threat Intelligence by Government Agencies and Departments
	Journal of Information Security, 2022

[9]	Cybersecurity Leadership from a Telemedicine/Telehealth Knowledge and Organizational Development Examination
	2022

[10]	Impact of Internal Control, Cybersecurity Risk, and Competitive Advantage on Retail Cybersecurity Budget
	2022

[11]	Web security assessment and strategy optimization based on attack-defense game
	2022

[12]	Defining
	… : Lessons from the Public …, 2021

[13]	An Interdisciplinary Study of Cybersecurity Investment in the Nonprofit Sector
	American Journal of Management, 2021

[14]	Pricing Cyber Security Insurance
	Journal of Mathematical …, 2021

[15]	Cybersecurity Aspects of Location-Based Services (LBS) in 5G Networks
	2021 IEEE 21st …, 2021

[16]	Understanding incentives for cybersecurity investments: Development and application of a typology
	Digital Business, 2021

[17]	Systematically Understanding Cybersecurity Economics: A Survey
	Sustainability, 2021

[18]	Cybersecurity, Personal Data Protection and Crime Prevention from an Italian Perspective
	2021

[19]	The best laid plans or lack thereof: Security decision-making of different stakeholder groups
	2021

[20]	The Benefits and Costs of Cybersecurity Risk Reduction: A Dynamic Extension of the Gordon and Loeb Model
	2021

[21]	Cyber-Security: Dos Attack Outcomes are Dangerous
	2021

[22]	Introducing the concept of cybersecurity footprint
	2021

[23]	Economic model for evaluating the value creation through information sharing within the cybersecurity information sharing ecosystem
	2021

[24]	Information Security Protection of Power System Computer Network
	2021

[25]	Determining a Return on Investment for Cybersecurity Technologies in Networked Critical Infrastructures
	2021

[26]	Business Strategies to Improve Internal and External Data Security Risks
	2021

[27]	Shared Wireless Infrastructures in Large Public Venues: Case Studies on Preventing Data Breaches
	2021

[28]	Three Essays on Cyber Risk Management
	2021

[29]	Identifying Challenges in Cybersecurity Incident Response: a Generic Qualitative Inquiry
	2021

[30]	МНОГОКРИТЕРИАЛЬНАЯ ОПТИМИЗАЦИОННАЯ ЗАДАЧА ПОИСКА ОПТИМАЛЬНЫХ СТРАТЕГИЙ ФИНАНСИРОВАНИЯ СРЕДСТВ ЗАЩИТЫ ИНФОРМАЦИИ …
	… и коммуникаций им. М …, 2020

[31]	Analysis of Models for Selection of Investment Strategies
	2020

[32]	Information Segmentation and Investing in Cybersecurity
	2020

[33]	Knowledge absorption for cyber-security: The role of human beliefs
	2020

[34]	Attack-Defense Game Model: Research on Dynamic Defense Mechanism of Network Security
	2020

[35]	Information security in healthcare supply chains: an analysis of critical information protection practices
	2020

[36]	The role of leadership in cybersecurity culture within the South African financial services
	Electronic Theses and Dissertations (ETD), 2020

[37]	Usage of Mathematical Models for Cybersecurity Analysis
	2020

[38]	Cybersecurity Risk-Responsibility Taxonomy: The Role of Cybersecurity Social Responsibility in Small Enterprises on Risk of Data Breach
	2020

[39]	Segurança da informação nas cadeias de suprimentos de saúde: uma análise das práticas críticas de proteção de informações
	2020

[40]	Investigating the impact of IT security investments on competitor's market value: Evidence from Korea stock market
	Asia Pacific Journal of Information …, 2020

[41]	Networks of Critical Infrastructures: Cost Estimation and Defense of Attacks
	2020

[42]	Insurability of Critical Infrastructures
	2020

[43]	ANALYSIS OF MATHEMATICAL MODELS OF INVESTMENT STRATEGIES IN THE UNIVERSITY ON CYBER SECURITY SYSTEMS
	2020

[44]	Seeking Ethical use of AI Algorithms: Challenges and Mitigations
	2020

[45]	Return on Cybersecurity Investment in Operational Technology Systems: Quantifying the Value That Cybersecurity Technologies Provide after Integration.
	2020

[46]	Cyber-Attacks From the Political Economy Perspective and Turkey
	2020

[47]	Quantifiable & Comparable Evaluations of Cyber Defensive Capabilities: A Survey & Novel, Unified Approach
	2020

[48]	A Visual Tool for the Analysis of Cybersecurity Investments
	2020

[49]	On the Extraction of Cyber Risks using Structured Products
	2019

[50]	Robustness of Optimal Investment Decisions in Mixed Insurance/Investment Cyber Risk Management
	2019

[51]	Analysis of Energy Delivery Sector Malware Attack Response Mechanisms
	2019

[52]	A Cybersecurity Dataset Derived from the National Collegiate Penetration Testing Competition
	2019

[53]	Hybrid and cybersecurity threats and the European Union's financial system
	Policy Contribution, 2019

[54]	Cybersecurity in accounting research
	2019

[55]	SUPPLEMENTING ISRM MODELS BY KRI IMPLEMENTATION
	2019

[56]	Hybrid and cybersecurity threats and the European Union's financial system. Policy Contribution Issue n˚ 10\| September 2019. Bruegel
	2019

[57]	A Holistic Approach to Evaluating Cyber Security Defensive Capabilities
	2019

[58]	Economic perspective analysis of protecting big data security and privacy
	2019

[59]	Snatched secrets: Cybercrime and trade secrets modelling a firm's decision to report a theft of trade secrets
	2019

[60]	To share or not to share: a behavioral perspective on human participation in security information sharing
	2019

[61]	The Game-Theoretic and Model-Based Method for Analysis of Power System Cyber-Physical Security
	2019

[62]	Cybersecurity Information Sharing Ecosystems: From the Perspective of Value Creation and Security Investments
	2019

[63]	Research on the game of information security investment based on the Gordon-Loeb model
	2018

[64]	An Empirical Study of Relationship between Information Security Investment and Information Security Incidents: A Focus on Information Security Training, Awareness …
	2018

[65]	정보보안 투자가 침해사고에 미치는 영향에 대한 실증분석: 정보보안 교육 서비스 투자를 중심으로
	2018

[66]	МОДЕЛЬ СТРАТЕГІЙ ІНВЕСТУВАННЯ В СИСТЕМИ КІБЕРБЕЗПЕКИ СИТУАЦІЙНИХ ЦЕНТРІВ ТРАНСПОРТУ
	2018

[67]	정보보안 투자가 침해사고에 미치는 영향에 대한 실증분석
	Journal of the Korea Institute of Information Security & Cryptology, 2018

[68]	Trade secrets and cyber security breaches
	Journal of Accounting and Public Policy, 2018

[69]	THE ART AND SCIENCE OF INFORMATION SECURITY INVESTMENTS FOR SMALL ENTERPRISES
	2018

[70]	Towards a Development of Cybersecurity Risk-Responsibility Taxonomy of Small Enterprises for Data Breach Risk Mitigation
	2018

[71]	MODEL OF INVESTMENT STRATEGIES IN CYBER SECURITY SYSTEMS OF TRANSPORT SITUATIONAL CENTERS
	2018

[72]	ARCADES: analysis of risk from cyberattack against defensive strategies for the power grid
	2018

[73]	Governance Models Preferences for Security Information Sharing: An Institutional Economics Perspective for Critical Infrastructure Protection
	2018

[74]	Strategy Formulation through Identification Of Asset Management Problem Of The Gorontalo City Government
	IOSR Journal Of Humanities And Social Science, 2018

[75]	ARCADES: Analysis of Risk from Cyber Attack against DEfensive Strategies for power grid
	2018

[76]	Motivating Cybersecurity Compliance in Critical Infrastructure Industries: A Grounded Theory Study
	ProQuest Dissertations Publishing, 2018

[77]	Incentives for Human Agents to Share Security Information: a Model and an Empirical Test
	2018

[78]	基于 Gordon-Loeb 模型的信息安全投资博弈研究
	2018

[79]	불완전 정보 하의 정보보호 투자 모델 및 투자 수준
	Journal of the Korea Institute of Information Security & Cryptology, 2017

[80]	Estimation of externalities in interdependent security: A case study of large systems
	2017

[81]	Internalization of Externalities in Interdependent Security: Large Network Cases
	2017

[82]	Challenges of Public-Private Partnerships in Cybersecurity
	ProQuest Dissertations Publishing, 2017

[83]	Calibration of the Gordon-Loeb Models for the Probability of Security Breaches
	UKSim-AMSS 19th International Conference on Modelling & Simulation, 2017

[84]	Effects of Data Breaches on Sector-Wide Systematic Risk in Financial, Technology, Healthcare and Services Sectors
	ProQuest Dissertations Publishing, 2017

[85]	Knowledge Set of Attack Surface and Cybersecurity Rating for Firms in a Supply Chain
	SSRN, 2017

[86]	Cybersecurity Cost of Quality: Managing the Costs of Cybersecurity Risk Management
	2017

[87]	La Cyber Security: una nuova sfida per le aziende
	2017

[88]	A Survey Of New Development In Cyber Security And Networks
	Journal of Multidisciplinary Engineering Science and Technology, 2017

[89]	Longitudinal analysis of information security incident spillover effects
	2017

[90]	Information Security Investment Model and Level in Incomplete Information
	2017

[91]	Cybersecurity investment guidance: Extensions of the Gordon and Loeb model
	2016

[92]	МЕТОД УПРАЛІННЯ ЗАГАЛЬНИМ СТАНОМ ЗАХИЩЕНОСТІ ІНФОРМАЦІЙНОЇ БЕЗПЕКИ КОМПАНІЇ ЗА ДОПОМОГОЮ АНАЛІЗУ ПРИЧИННО …
	2016

[93]	Integrating Cyber Losses into the Standard Microeconomics of the Consumer and Firm: Defining Losses in the Gordon and Loeb Model
	2016

[94]	Using Incentives to Foster Security Information Sharing and Cooperation: A General Theory and Application to Critical Infrastructure Protection
	Critical Information Infrastructures Security, 2016

[95]	Метод упраління загальним станом захищеності інформаційної безпеки компанії за допомогою аналізу причинно-наслідкових взаємозв'язків за методом …
	2016

[96]	МЕТОД УПРАЛІННЯ ЗАГАЛЬНИМ СТАНОМ ЗАХИЩЕНОСТІ ІНФОРМАЦІЙНОЇ БЕЗПЕКИ КОМПАНІЇ ЗА ДОПОМОГОЮ АНАЛІЗУ ПРИЧИННОНАСЛІДКОВИХ ВЗАЄМОЗВ'ЯЗКІВ ЗА МЕТОДОМ ІСІКАВИ
	ЕКОНОМІЧНА НАУКА, 2016

[97]	ИНФОРМАЦИОННЫЕ РИСКИ: МОДЕЛИ РИСКОВ, ИССЛЕДОВАНИЕ И ИСПОЛЬЗОВАНИЕ
	ЕКОНОМІЧНА НАУКА, 2016

[98]	Cybersecurity: Integrating Information into the Microeconomics of the Consumer and the Firm
	2016

[99]	HACKING INDUCED EXTERNALITIES AND THE APATHY OF STOCKHOLDERS
	2016

[100]	Examining Data Privacy Breaches in Healthcare
	Walden Dissertations and Doctoral Studies, 2016

[101]	Cybersecurity Investments with Nonlinear Budget Constraints: Analysis of the Marginal Expected Utilities
	2016

[102]	Segurança da informação na cadeia de suprimentos da saúde: uma análise das práticas de proteção de informações críticas
	2016

[103]	Security countermeasures in the cyber-world
	2016

[104]	Multifirm Models of Cybersecurity Investment Competition vs. Cooperation and Network Vulnerability
	European Journal of Operational Research, 2016

[105]	A Supply Chain Game Theory Framework for Cybersecurity Investments Under Network Vulnerability
	2015

[106]	Increasing cybersecurity investments in private sector firms
	Journal of Cybersecurity, 2015

[107]	Investing in Cybersecurity
	2015

[108]	Cybersecurity Investment Guidance: A Note on Extensions of the Gordon and Leob model
	2015

[109]	Применение экономико-стоимостных моделей информационных рисков для оценивания предельных объемов инвестиций в безопасность информации
	Захист інформації, 2015

[110]	ЗАСТОСУВАННЯ ЕКОНОМІКО-ВАРТІСНИХ МОДЕЛЕЙ ІНФОРМАЦІЙНИХ РИЗИКІВ ДЛЯ ОЦІНЮВАННЯ ГРАНИЧНОГО ОБСЯГУ ІНВЕСТИЦІЙ В БЕЗПЕКУ ІНФОРМАЦІЇ
	Захист інформації, 2015

[111]	Information Security in the Cloud: Should We be Using a Different Approach?
	2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom), 2015

[112]	ОСОБЛИВОСТІ ВИЗНАЧЕННЯ ОБСЯГУ ІНВЕСТИЦІЙ В СИСТЕМУ ЗАХИСТУ ІНФОРМАЦІЙНИХ РЕСУРСІВ
	2015

[113]	Аналіз та оптимізація функцій і завдань центральних органів виконавчої влади із управління водними ресурсами в Україні
	2015

[114]	ИНФОРМАЦИОННАЯ БЕЗОПАСНОСТЬ КОМПАНИИ НА ОСНОВЕ МЕТОДА АНАЛИЗА ПРИЧИННО-СЛЕДСТВЕННЫХ ВЗАИМОСВЯЗЕЙ
	2015

[115]	Ризиковий підхід до визначення граничного обсягу інвестицій у захист інформації
	2015

[116]	Investeren in Cybersecurity
	2015

[117]	Применение экономико-стоимостных моделей информационных рисков для оценивания предельных объемов инвестиций в безопасность …
	Захист інформації, 2015

[118]	ЗАСТОСУВАННЯ ЕКОНОМІКО-ВАРТІСНИХ МОДЕЛЕЙ ІНФОРМАЦІЙНИХ РИЗИКІВ ДЛЯ ОЦІНЮВАННЯ ГРАНИЧНОГО ОБСЯГУ ІНВЕСТИЦІЙ В БЕЗПЕКУ …


[119]	Hezah! Ransomware: Externalities, Cost Internalization, and Security Investment Intentionality


[120]	A literature review on the role of cybersecurity in changing management accounting, auditing and governance.

[1]	More than malware: unmasking the hidden risk of cybersecurity regulations International Cybersecurity Law Review, 2024 DOI:10.1365/s43439-024-00111-7

[2]	Information sharing and security investment for substitutable firms: A game-theoretic analysis Journal of the Operational Research Society, 2023 DOI:10.1080/01605682.2023.2210594

[3]	Cybersecurity For Defense Economists Defence and Peace Economics, 2023 DOI:10.1080/10242694.2022.2138122

[4]	Cyberdefense International Series in Operations Research & Management Science, 2023 DOI:10.1007/978-3-031-30191-9_1

[5]	Cyberdefense International Series in Operations Research & Management Science, 2023 DOI:10.1007/978-3-031-30191-9_11

[6]	The Best Laid Plans or Lack Thereof: Security Decision-Making of Different Stakeholder Groups IEEE Transactions on Software Engineering, 2022 DOI:10.1109/TSE.2020.3023735

[7]	A study of detection of abnormal network traffic: A comparison of multiple algorithms SECURITY AND PRIVACY, 2022 DOI:10.1002/spy2.190

[8]	Expanding the Gordon-Loeb model to cyber-insurance Computers & Security, 2022 DOI:10.1016/j.cose.2021.102533

[9]	Dangerous games: A literature review on cybersecurity investments Journal of Economic Surveys, 2022 DOI:10.1111/joes.12456

[10]	Cybersecurity For Defense Economists Defence and Peace Economics, 2022 DOI:10.1080/10242694.2022.2138122

[11]	The Best Laid Plans or Lack Thereof: Security Decision-Making of Different Stakeholder Groups IEEE Transactions on Software Engineering, 2022 DOI:10.1109/TSE.2020.3023735

[12]	A study of detection of abnormal network traffic: A comparison of multiple algorithms SECURITY AND PRIVACY, 2022 DOI:10.1002/spy2.190

[13]	Expanding the Gordon-Loeb model to cyber-insurance Computers & Security, 2022 DOI:10.1016/j.cose.2021.102533

[14]	Cybersecurity Aspects of Location-Based Services (LBS) in 5G Networks 2021 IEEE 21st International Symposium on Computational Intelligence and Informatics (CINTI), 2021 DOI:10.1109/CINTI53070.2021.9668499

[15]	The Palgrave Handbook of Corporate Sustainability in the Digital Era 2021 DOI:10.1007/978-3-030-42412-1_7

[16]	The Palgrave Handbook of Corporate Sustainability in the Digital Era 2021 DOI:10.1007/978-3-030-42412-1_7

[17]	The Benefits and Costs of Cybersecurity Risk Reduction: A Dynamic Extension of the Gordon and Loeb Model Risk Analysis, 2021 DOI:10.1111/risa.13713

[18]	Introducing the concept of cybersecurity footprint Information & Computer Security, 2021 DOI:10.1108/ICS-04-2020-0054

[19]	Understanding incentives for cybersecurity investments: Development and application of a typology Digital Business, 2021 DOI:10.1016/j.digbus.2021.100014

[20]	Systematically Understanding Cybersecurity Economics: A Survey Sustainability, 2021 DOI:10.3390/su132413677

[21]	The Palgrave Handbook of Corporate Sustainability in the Digital Era 2021 DOI:10.1007/978-3-030-42412-1_7

[22]	Information Security Protection of Power System Computer Network 2021 IEEE Asia-Pacific Conference on Image Processing, Electronics and Computers (IPEC), 2021 DOI:10.1109/IPEC51340.2021.9421317

[23]	Analysis of Models for Selection of Investment Strategies 2020 IEEE International Conference on Problems of Infocommunications. Science and Technology (PIC S&T), 2020 DOI:10.1109/PICST51311.2020.9468024

[24]	Information security in healthcare supply chains: an analysis of critical information protection practices Gestão & Produção, 2020 DOI:10.1590/0104-530x5376-20

[25]	Knowledge absorption for cyber-security Computers in Human Behavior, 2020 DOI:10.1016/j.chb.2020.106255

[26]	ANALYSIS OF MATHEMATICAL MODELS OF INVESTMENT STRATEGIES IN THE UNIVERSITY ON CYBER SECURITY SYSTEMS THE BULLETIN, 2020 DOI:10.32014/2020.2518-1467.16

[27]	Quantifiable & Comparable Evaluations of Cyber Defensive Capabilities: A Survey & Novel, Unified Approach Computers & Security, 2020 DOI:10.1016/j.cose.2020.101907

[28]	Cybersecurity in accounting research Managerial Auditing Journal, 2019 DOI:10.1108/MAJ-09-2018-2004

[29]	Cybersecurity in Accounting Research SSRN Electronic Journal , 2019 DOI:10.2139/ssrn.3923245

[30]	Pricing Cyber Security Insurance: A Copula Model Using an Objective, Verifiable, Loss Measure SSRN Electronic Journal , 2018 DOI:10.2139/ssrn.3236512

[31]	Trade secrets and cyber security breaches Journal of Accounting and Public Policy, 2018 DOI:10.1016/j.jaccpubpol.2018.10.006

[32]	MODEL OF INVESTMENT STRATEGIES IN CYBER SECURITY SYSTEMS OF TRANSPORT SITUATIONAL CENTERS Cybersecurity: Education, Science, Technique, 2018 DOI:10.28925/2663-4023.2018.2.6879

[33]	Trade Secrets and Cybersecurity Breaches SSRN Electronic Journal , 2017 DOI:10.2139/ssrn.3018553

[34]	Multifirm models of cybersecurity investment competition vs. cooperation and network vulnerability European Journal of Operational Research, 2017 DOI:10.1016/j.ejor.2016.12.034

[35]	Estimation of externalities in interdependent security: A case study of large systems 2017 IEEE 56th Annual Conference on Decision and Control (CDC), 2017 DOI:10.1109/CDC.2017.8264242

[36]	Calibration of the Gordon-Loeb Models for the Probability of Security Breaches 2017 UKSim-AMSS 19th International Conference on Computer Modelling & Simulation (UKSim), 2017 DOI:10.1109/UKSim.2017.18

[37]	Security countermeasures in the cyber-world 2016 IEEE International Conference on Cybercrime and Computer Forensic (ICCCF), 2016 DOI:10.1109/ICCCF.2016.7740440

[38]	Investing in Cybersecurity: Insights from the Gordon-Loeb Model Journal of Information Security, 2016 DOI:10.4236/jis.2016.72004

[39]	Cybersecurity Investment Guidance: Extensions of the Gordon and Loeb Model Journal of Information Security, 2016 DOI:10.4236/jis.2016.72002

[40]	Cybersecurity: Integrating Information into the Microeconomics of the Consumer and the Firm Journal of Information Security, 2016 DOI:10.4236/jis.2016.75023

[41]	Information Security in the Cloud: Should We be Using a Different Approach? 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom), 2015 DOI:10.1109/CloudCom.2015.92

[42]	Computation, Cryptography, and Network Security 2015 DOI:10.1007/978-3-319-18275-9_16

[43]	Computation, Cryptography, and Network Security 2015 DOI:10.1007/978-3-319-18275-9_16

Follow SCIRP

	+1 323-425-8868
	customer@scirp.org
	+86 18163351462(WhatsApp)
	1655362766

	Paper Publishing WeChat

Journal of Information Security

Journal of Information Security

Journals Menu

Home

About SCIRP

Service

Policies