References
- Anderson, R., & Moore, T. (2006). The economics of information security. Science, 314(5799), 610–613.
- Arthur, C. (2011). Sony suffers second data breach with theft of 25 m more user details. Retrieved from https://www.theguardian.com/technology/blog/2011/may/03/sony-data-breach-online-entertainment
- Bandyopadhyay, T., Jacob, V., & Raghunathan, S. (2010). Information security in networked supply chains: Impact of network vulnerability and supply chain integration on incentives to invest. Information Technology & Management, 11(1), 7–23.
- Cavusoglu, H., Raghunathan, S., & Yue, W. T. (2008). Decision-theoretic and game-theoretic approaches to IT security investment. Journal of Management Information Systems, 25(2), 281–304.
- Gal-Or, E., & Ghose, A. (2005). The economic incentives for sharing security information. Information Systems Research, 16(2), 186–208.
- Gao, X., & Zhong, W. (2015). Information security investment for competitive firms with hacker behavior and security requirements. Annals of Operations Research, 235(1), 277–300.
- Gao, X., & Zhong, W. (2016). A differential game approach to security investment and information sharing in a competitive environment. IIE Transactions, 48(6), 511–526.
- Gao, X., Zhong, W., & Mei, S. (2015). Security investment and information sharing under an alternative security breach probability function. Information Systems Frontiers, 17(2), 423–438.
- Gao, X., Zhong, W. J., & Mei, S. E. (2014). A game-theoretic analysis of information sharing and security investment for complementary firms. Journal of the Operational Research Society, 65(11), 1682–1691.
- Gordon, L. A., & Loeb, M. P. (2002). The economics of information security investment. ACM Transactions on Information and System Security, 5(4), 438–457.
- Gordon, L. A., Loeb, M. P., & Lucyshyn, W. (2003). Sharing information on computer systems security: An economic analysis. Journal of Accounting and Public Policy, 22(6), 461–485.
- Hausken, K. (2006). Returns to information security investment: The effect of alternative information security breach functions on optimal investment and sensitivity to vulnerability. Information Systems Frontiers, 8(5), 338–349.
- Hausken, K. (2007). Information sharing among firms and cyber attacks. Journal of Accounting and Public Policy, 26(6), 639–688.
- Hausken, K. (2010). Risk, production and conflict when utilities are as if certain. International Journal of Decision Sciences, Risk and Management, 2(3–4), 228–251.
- Hausken, K. (2011). Production, safety, exchange, and risk. International Journal of Business Continuity and Risk Management, 2(4), 346–350.
- Hausken, K. (2012). Production versus safety in a risky competitive industry. International Journal of Decision Sciences, Risk and Management, 4(1–2), 92–107.
- Hausken, K. (2014). Returns to information security investment: Endogenizing the expected loss. Information Systems Frontiers, 16(2), 329–336.
- Huang, C. D., Hu, Q., & Behara, R. S. (2008). An economic analysis of the optimal information security investment in the case of a risk-averse firm. International Journal of Production Economics, 114(2), 793–804.
- Kallberg, J. G., & Udell, G. F. (2003). The value of private sector business credit information sharing: The US case. Journal of Banking & Finance, 27(3), 449–469.
- Kirby, A. J. (1988). Trade associations as information exchange mechanisms. The RAND Journal of Economics, 19(1), 138–146.
- Krebs, B. (2014). Email attack on vendor set up breach at target. Retrieved from http://krebsonsecurity.com/2014/02/email-attack-on-vendor-set-up-breach-at-target
- Kunreuther, H., & Heal, G. (2003). Interdependent security. Journal of Risk and Uncertainty, 26(2–3), 231–249.
- Lee, C. H., Geng, X. J., & Raghunathan, S. (2013). Contracting information security in the presence of double moral hazard. Information Systems Research, 24(2), 295–311.
- Lee, C. H., Geng, X. J., & Raghunathan, S. (2016). Mandatory standards and organizational information security. Information Systems Research, 27(1), 70–86.
- McGrath, M. (2014). Target profit falls 46% on credit card breach and the hits could keep on coming. Retrieved from http://www.forbes.com/sites/maggiemcgrath/2014/02/26/target-profit-falls-46-on-credit-card-breach-and-says-the-hits-could-keep-on-coming
- Novshek, W., & Sonnenschein, H. (1982). Fulfilled expectations Cournot duopoly with information acquisition and release. The Bell Journal of Economics, 13(1), 214–218.
- Ponemon, L. (2015). Cost of data breach study: Global analysis. Retrieved from http://www.ponemon.org/blog/2015-cost-of-data-breach-global
- Schlosser, A. E., White, T. B., & Lloyd, S. M. (2006). Converting web site visitors into buyers: How web site investment increases consumer trusting beliefs and online purchase intentions. Journal of Marketing, 70(2), 133–148.
- Tanaka, H., Matsuura, K., & Sudoh, O. (2005). Vulnerability and information security investment: An empirical analysis of e-local government in Japan. Journal of Accounting and Public Policy, 24(1), 37–59.
- Vijayan, J. (2008). Changes to PCI standard not expected to up ante on protecting payment card data, computerworld. Retrieved August 20, from http://www.computerworld.com/s/article/9113104