What's New in the Economics of Cybersecurity?

Final submissions due: 1 January 2015
Abstracts due by 1 December 2014 to the guest editors
Publication date: September/October 2015
Author guidelines: www.computer.org/portal/web/peerreviewmagazines/acsecurity

A lack of comprehensive understanding of emerging relationships between technical and socioeconomical-legal perspectives inhibits research to deliver innovation into practical and industrial applications. In the context of cybersecurity, different technologies are deployed alongside other resources across sectors and industries. Efficient and effective deployments of technologies to accommodate emerging user needs could create benefits both for consumers and providers, opening new challenges in terms of security and privacy in the cyber world. The economics of cybersecurity and privacy, in particular, involve brand complexities not fully investigated to date.

This special issue intends to support discussions on the economic aspects of cybersecurity and privacy, taking into account multidisciplinary perspectives. The objective is to provide new insights about the economics of cybersecurity and privacy, the costs-benefits involved in adopting such technologies, the potential investment alternatives and their returns, the behavioral aspects of actors dealing with security and privacy issues, the fostering and hampering effects of privacy and security regulations, and the economic accountability of actors in the cyber world. Relevant topics include but aren't limited to the following:

  • behavioral security and privacy;
  • cyber defense strategy and game theory;
  • economics of information security, privacy and anonymity, and trust;
  • incentives for information security;
  • information stewardship economics;
  • metrics and models for cybersecurity, privacy, and cyber crime;
  • optimal investment in information security;
  • organizational security performance;
  • psychology of risk, security, and privacy;
  • risk management and cyber insurance;
  • security and privacy standards; and
  • socioeconomic-legal impacts of cybersecurity.

Articles selected for publications in the special issue are expected to advance and address some of the following aspects of economics of cybersecurity and privacy:
Different sectors and industries have been concerned with economic analyses related to security and privacy. What are the lessons learned on cybersecurity and privacy from different sectors and industries?

This special issue will consider experiences in developing and adopting economic tools for operationalizing relevant specific aspects of cybersecurity and privacy. What are the economic tools that practitioners can adopt?

This special issue will consider insights about the legal, societal, and economic impact of cybersecurity and privacy. What economic insights are shaping our cyber society?

Submissions will be subject to the IEEE Computer Society's peer-review process, and later, upon acceptance, to the magazine's editorial process. Articles should be at most 6,000 words, with a maximum of 15 references, and should be understandable to a broad audience of people interested in security, privacy, and dependability. The writing style should be down to Earth, practical, and original. Authors shouldn't assume that the audience will have specialized experience in a particular subfield. Submit your article through ScholarOne at https://mc.manuscriptcentral.com/cs-ieee.

Questions?

Contact the guest editors, Massimo Felici and Nick Wainwright (Hewlett-Packard Laboratories, Security and Cloud Lab, UK), and Fabio Bisogni and Simona Cavallini (FORMIT Foundation, Italy). Corresponding GE: massimo.felici@hp.com.