Journal Article

Increasing cybersecurity investments in private sector firms

Lawrence A. Gordon, Martin P. Loeb, William Lucyshyn and Lei Zhou

in Journal of Cybersecurity

Volume 1, issue 1, pages 3-17
Published in print September 2015 | ISSN: 2057-2085
Published online November 2015 | e-ISSN: 2057-2093 | DOI:

More Like This

Show all results sharing these subjects:

  • IT and Communications Law
  • Computer Science
  • Computer Security


Show Summary Details


The primary objective of this article is to develop an economics-based analytical framework for assessing the impact of government incentives/regulations designed to offset the tendency to underinvest in cybersecurity related activities by private sector firms. The analysis provided in the article shows that the potential for government incentives/regulations to increase cybersecurity investments by private sector firms is dependent on the following two fundamental issues: (i) whether or not firms are utilizing the optimal mix of inputs to cybersecurity, and (ii) whether or not firms are able, and willing, to increase their investments in cybersecurity activities. The implications of these findings are also discussed in this article, as well as a formal analysis of these implications. In addition, this article provides a discussion of existing actions by the US federal government that should be more effectively utilized before, or at least in conjunction with, considering new government incentives/regulations for increasing cybersecurity investments by private sector firms.

Keywords: cybersecurity economics; cybersecurity investments; cybersecurity policy and regulations

Journal Article.  13628 words.  Illustrated.

Subjects: IT and Communications Law ; Computer Science ; Computer Security

Users without a subscription are not able to see the full content. Please, subscribe or login to access all content.