Cyber Security Investment in the Context of Disruptive Technologies: Reassessment of Gordon–Loeb Model and Application to Critical Infrastructure Protection
|Author||Dimitri PERCIA DAVID|
|Director of thesis||Prof. Dr. Solange Ghernaouti|
|Co-director of thesis|
|Summary of thesis||
We propose an extension of the Gordon-Loeb model by considering multi-periods and relaxing the assumption of a continuous security breach probability function. Such adaptations allow capturing dynamic aspects of information security investments such as the advent of a disruptive technology and its consequences. In this thesis, the advent of big data analytics (BDA) and its consequences on information security investments is theoretically and empirically investigated. Our analysis based on game theory and econometrics suggests a substantive decrease in such investments due to a technological shift. While we believe this case should be generalized across the information security milieu, we illustrate our approach in the context of critical infrastructure protection (CIP) in which security cost reduction is of prior importance since potential losses reach unaffordable dimensions. Moreover, despite BDA has been considered as a promising method for CIP, its concrete effects have been discussed little.
|Administrative delay for the defence||early 2019|