This chapter of the Quaderno IRCrES Cybersecurity and data protection in the electricity sector: state-of-the-art of the literature and evaluation methods reviews the literature on two main aspects, the concepts on which the economic analysis of cybersecurity is built on, and the methods, both theoretical and empirical, developed to assess the value of cybersecurity. Itis therefore divided in two parts. First, regarding the broad perspective of economics applied to cybersecurity, we tackle the discussion on the nature of cybersecurity as a public good, the market failures hampering the right allocation of resources within investment in cybersecure systems, and thus, the regulation policies and general awareness on the topic. Then, we review the approaches and models developed for cybersecurity estimations, followed by a focus on the studies addressing cybersecurity’s value within critical infrastructure sectors. The review demonstrates a literature on the topics of cybersecurity economics already significant, revealing different schools of economics employed in cybersecurity, as well as multidisciplinary approaches and, in turn, various models for cybersecurity investment. Yet, developing economically viable cybersecurity strategies still calls for representative data on cyberattacks as well as the adaptation of evaluation techniques to individual behaviours, and system’s complexity.
Chapter 1. The economic perspective on cybersecurity
JEANNE Charlotte Marie VALLETTE D’OSIA
;ELENA RAGAZZI;UGO FINARDI
2025
Abstract
This chapter of the Quaderno IRCrES Cybersecurity and data protection in the electricity sector: state-of-the-art of the literature and evaluation methods reviews the literature on two main aspects, the concepts on which the economic analysis of cybersecurity is built on, and the methods, both theoretical and empirical, developed to assess the value of cybersecurity. Itis therefore divided in two parts. First, regarding the broad perspective of economics applied to cybersecurity, we tackle the discussion on the nature of cybersecurity as a public good, the market failures hampering the right allocation of resources within investment in cybersecure systems, and thus, the regulation policies and general awareness on the topic. Then, we review the approaches and models developed for cybersecurity estimations, followed by a focus on the studies addressing cybersecurity’s value within critical infrastructure sectors. The review demonstrates a literature on the topics of cybersecurity economics already significant, revealing different schools of economics employed in cybersecurity, as well as multidisciplinary approaches and, in turn, various models for cybersecurity investment. Yet, developing economically viable cybersecurity strategies still calls for representative data on cyberattacks as well as the adaptation of evaluation techniques to individual behaviours, and system’s complexity.| File | Dimensione | Formato | |
|---|---|---|---|
|
Q24_Capitolo_1.pdf
accesso aperto
Licenza:
Creative commons
Dimensione
216.91 kB
Formato
Adobe PDF
|
216.91 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
