Economics Project Publications

Listed Below are the publications reported to the I3P as part of the Economics Project (2005-2007). If a publication is not listed here and you think it should be please send it to the I3P Administrative Office.

I3P Cyber Infrastructure Bulletins

National Cyber Infrastructure Bulletin; no. 2 (Oct. 2006) " The Economics of Developing a Secure Organization"

I3P Research Reports [I3P series]

I3P Research Report; no. 5 (Jan. 2006) "I3P Economics Project Workshop Report"

Journal Publications

Crawford, J.A., K.G. Crowther, B.M. Horowitz, and J.H. Lambert. An Example Collaborative Exercise for Decision Making in Investment in Cyber Security. in Proceedings of the Workshop on Securing the Economics of the Information Infrastructure. October 23-24, 2006 Washington D.C. (2006)
Scott Dynes. Information Security and Health Care – A Field Study of a Hospital After A Worm Event (August 2006)
Scott Dynes. Information Security Investment Case Study: Manufacturing Sector (June 2006)
Embedding Information Security Risk Management into the Extended Enterprise : Proceedings of a Workshop on Developing a Secure Organization (June 2006)
Eva Andrijcic, Barry Horowitz. A Macro-Economic Framework for Evaluation of Cyber Security Risks Related to Protection of Intellectual Property. (2006) to be published in Risk Analysis.
Alfredo Garcia, Barry Horowitz. The Potential for Underinvestment in Internet Security: Implications for Regulatory Policy. Journal of Regulatory Economics, Vol. 31 No.1 (2007) pp. 37-55. (December, 2006)
Barry Horowitz & Jonathan Crawford. Application of Collaborative Risk Analysis to Cyber Security Investment Decisions. FSTC Innovator (December, 2007)
Andy Ozment, Stuart E. Schechter, Rachna Dhamija. Web Sites Should Not Need to Rely on Users to Secure Communications. Presentation at the W3C workshop on Transparency and Usability of Web Authentication (NYC, NY: March 15-16, 2006). Paper available also on the workshop website.
Scott Dynes, Hans Brechbuhl, M. Eric Johnson. Information Security in the Extended Enterprise: Some Initial Results From a Field Study of an Industrial Firm. Proceedings of the WEIS 05 Conference.
Scott Dynes, Hans Brechbuhl. Driving Change in Corporate Information Security. CIO Higher Learning (June 05)

IEEE Security & Privacy Magazine (May/June 2007)

Copyright © 2007 IEEE. Reprinted from IEEE Security & Privacy magazine.

This material is posted here with permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of 13P's products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to pubs-permissions@ieee.org.

By choosing to view these documents, you agree to all provisions of the copyright laws protecting them.

Shari Lawrence Pfleeger, Roland L. Trope, Charles C. Palmer. Managing Organizatinal Security
M. Eric Johnson, Eric Goetz. Embedding Information Security into the Organization
Shari Lawrence Pfleeger, Martin Libicki, Michael Webber. I'll Buy That! Cybersecurity in the Internet Marketplace