Short Course Description
How can finance and economics tools help us analyze information security issues in order to design an optimal policy? The issue of network and information security comes up in the news almost daily, and the issue of optimal security policy attracts and employs many researchers in academia in the private sector and state mechanisms. Over the past few years, researchers have realized that the causes of security and information failures are not necessarily a lack of advanced technology, but a lack of appropriate incentives: Are we investing enough to prevent hackers from attacking our computer systems? Why is the network less secure today than in the past, even though investment in technological developments has increased? How much should a firm invest in securing its network? How much would we be prepared to pay to maintain our privacy? The fields of finance and economics can contribute important analytical tools to answer these questions, which seem ?technical? at first glance. Many times, systems fail because the organizations that protect them do not bear the full cost in the event of a failure, meaning such a situation is that the incentives are not best organized. In order to solve problems of this kind it is necessary both for a technical understanding of the structure of these threats and for an economic point of view that can reveal the strategies of the players in these markets. In addition, we need to understand how to assess what damage has been done to us by virtue of it so that our information becomes more revealing. The course will include familiarity with basic models in finance and economics, in order to provide tools that allow to assess costs, risks and benefits, exposing the incentive system operating in the market, identifying the effects of details on each other, and analyzing strategies and equilibria in different markets. The issues discussed during the course relate to the optimal level of investment in security, issues related to maintaining the privacy of information and more.
Learning outputs
Upon successful completion of the course, the student will be able to:
1. Understand the incentives that motivate companies regarding cyber security
2. Assess the damage caused to the company as a result of poor cyber security
3. Understand the market response to cyber hacking
Student evaluation of the course and the composition of the grade
60% exam and 40% project (in groups)
Full Syllabus