{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,27]],"date-time":"2025-10-27T20:36:44Z","timestamp":1761597404915},"reference-count":66,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2013,2,23]],"date-time":"2013-02-23T00:00:00Z","timestamp":1361577600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Inf Syst Front"],"published-print":{"date-parts":[[2015,4]]},"DOI":"10.1007\/s10796-013-9411-3","type":"journal-article","created":{"date-parts":[[2013,2,22]],"date-time":"2013-02-22T06:45:43Z","timestamp":1361515543000},"page":"423-438","source":"Crossref","is-referenced-by-count":55,"title":["Security investment and information sharing under an alternative security breach probability function"],"prefix":"10.1007","volume":"17","author":[{"given":"Xing","family":"Gao","sequence":"first","affiliation":[]},{"given":"Weijun","family":"Zhong","sequence":"additional","affiliation":[]},{"given":"Shue","family":"Mei","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2013,2,23]]},"reference":[{"key":"9411_CR1","doi-asserted-by":"crossref","unstructured":"Anderson, R. (2001). Why information security is hard: an economic perspective. Proceedings of the Seventeenth Computer Security Applications Conference, IEEE Computer Society Press, 358\u2013365.","DOI":"10.1109\/ACSAC.2001.991552"},{"key":"9411_CR2","unstructured":"Anderson, R. (2002). Security in open versus closed systems-the dance of Boltzmann, Coase and Moore. Technical report, Cambridge University, England."},{"key":"9411_CR3","doi-asserted-by":"crossref","first-page":"610","DOI":"10.1126\/science.1130992","volume":"314","author":"R Anderson","year":"2006","unstructured":"Anderson, R., & Moore, T. (2006). The economics of information security. Science, 314, 610\u2013613.","journal-title":"Science"},{"issue":"5","key":"9411_CR4","doi-asserted-by":"crossref","first-page":"350","DOI":"10.1007\/s10796-006-9012-5","volume":"8","author":"A Arora","year":"2006","unstructured":"Arora, A., Nandkumar, A., & Telang, R. (2006). Does information security attack frequency increase with vulnerability disclosure?-an empirical analysis. Information Systems Frontiers, 8(5), 350\u2013362.","journal-title":"Information Systems Frontiers"},{"issue":"1","key":"9411_CR5","doi-asserted-by":"crossref","first-page":"7","DOI":"10.1007\/s10799-010-0066-1","volume":"11","author":"T Bandyopadhyay","year":"2010","unstructured":"Bandyopadhyay, T., Jacob, V., & Raghunathan, S. (2010). Information security in networked supply chains: impact of network vulnerability and supply chain integration on incentives to invest. Information Technology and Management, 11(1), 7\u201323.","journal-title":"Information Technology and Management"},{"key":"9411_CR6","doi-asserted-by":"crossref","unstructured":"Bandyopadhyay, T., Liu, D., Mookerjee, V. S., Wilhite, A. W. (2012). Dynamic competition in IT security: a differential games approach. Information Systems Frontiers, in press, doi: 10.1007\/s10796-012-9373-x .","DOI":"10.1007\/s10796-012-9373-x"},{"issue":"2","key":"9411_CR7","doi-asserted-by":"crossref","first-page":"78","DOI":"10.1145\/1042091.1042094","volume":"48","author":"LD Bodin","year":"2005","unstructured":"Bodin, L. D., Gordon, L. A., & Loeb, M. P. (2005). Evaluating information security investments using the analytic hierarchy process. Communications of the ACM, 48(2), 78\u201383.","journal-title":"Communications of the ACM"},{"issue":"3","key":"9411_CR8","doi-asserted-by":"crossref","first-page":"788","DOI":"10.1016\/j.jmacro.2012.03.002","volume":"34","author":"B B\u00fcy\u00fckkarabacak","year":"2012","unstructured":"B\u00fcy\u00fckkarabacak, B., & Valev, N. (2012). Credit information sharing and banking crises: an empirical investigation. Journal of Macroeconomics, 34(3), 788\u2013800.","journal-title":"Journal of Macroeconomics"},{"issue":"3","key":"9411_CR9","doi-asserted-by":"crossref","first-page":"431","DOI":"10.3233\/JCS-2003-11308","volume":"11","author":"K Campbell","year":"2003","unstructured":"Campbell, K., Gordon, L. A., Loeb, M. P., & Zhou, L. (2003). The economic cost of publicly announced information security breaches: empirical evidence from the stock market. Journal of Computer Security, 11(3), 431\u2013448.","journal-title":"Journal of Computer Security"},{"issue":"3","key":"9411_CR10","doi-asserted-by":"crossref","first-page":"131","DOI":"10.1287\/deca.1040.0022","volume":"1","author":"H Cavusoglu","year":"2004","unstructured":"Cavusoglu, H., & Raghunathan, S. (2004). Configuration of detection software: a comparison of decision and game theory approaches. Decision Analysis, 1(3), 131\u2013148.","journal-title":"Decision Analysis"},{"issue":"1","key":"9411_CR11","doi-asserted-by":"crossref","first-page":"69","DOI":"10.1080\/10864415.2004.11044320","volume":"9","author":"H Cavusoglu","year":"2004","unstructured":"Cavusoglu, H., Mishra, B., & Raghunathan, S. (2004). The effect of Internet security breach announcements on market value: capital market reaction for breached firms and Internet security developers. International Journal of Electronic Commerce, 9(1), 69\u2013105.","journal-title":"International Journal of Electronic Commerce"},{"issue":"1","key":"9411_CR12","doi-asserted-by":"crossref","first-page":"28","DOI":"10.1287\/isre.1050.0041","volume":"16","author":"H Cavusoglu","year":"2005","unstructured":"Cavusoglu, H., Mishra, B., & Raghunathan, S. (2005). The value of intrusion detection systems in information technology security architecture. Information Systems Research, 16(1), 28\u201346.","journal-title":"Information Systems Research"},{"issue":"2","key":"9411_CR13","doi-asserted-by":"crossref","first-page":"281","DOI":"10.2753\/MIS0742-1222250211","volume":"25","author":"H Cavusoglu","year":"2008","unstructured":"Cavusoglu, H., Raghunathan, S., & Yue, W. T. (2008). Decision-theoretic and game-theoretic approaches to IT security investment. Journal of Management Information Systems, 25(2), 281\u2013304.","journal-title":"Journal of Management Information Systems"},{"issue":"2","key":"9411_CR14","doi-asserted-by":"crossref","first-page":"198","DOI":"10.1287\/isre.1080.0180","volume":"20","author":"H Cavusoglu","year":"2009","unstructured":"Cavusoglu, H., Raghunathan, S., & Cavusoglu, H. (2009). Configuration of and interaction between information security technologies: the case of firewalls and intrusion detection systems. Information Systems Research, 20(2), 198\u2013217.","journal-title":"Information Systems Research"},{"issue":"4","key":"9411_CR15","doi-asserted-by":"crossref","first-page":"651","DOI":"10.1016\/j.dss.2010.08.017","volume":"50","author":"S Chai","year":"2011","unstructured":"Chai, S., Kim, M., & Rao, H. R. (2011). Firms\u2019 information security investment decisions: stock market evidence of investors\u2019 behavior. Decision Support Systems, 50(4), 651\u2013661.","journal-title":"Decision Support Systems"},{"issue":"1","key":"9411_CR16","doi-asserted-by":"crossref","first-page":"201","DOI":"10.1007\/s001990050184","volume":"11","author":"DJ Clark","year":"1998","unstructured":"Clark, D. J., & Riis, C. (1998). Contest success functions: an extension. Economic Theory, 11(1), 201\u2013204.","journal-title":"Economic Theory"},{"issue":"3","key":"9411_CR17","doi-asserted-by":"crossref","first-page":"241","DOI":"10.2753\/MIS0742-1222260308","volume":"26","author":"M Cremonini","year":"2009","unstructured":"Cremonini, M., & Nizovtsev, D. (2009). Risks and benefits of signaling information system characteristics to strategic attackers. Journal of Management Information Systems, 26(3), 241\u2013274.","journal-title":"Journal of Management Information Systems"},{"issue":"1","key":"9411_CR18","doi-asserted-by":"crossref","first-page":"79","DOI":"10.1287\/isre.1070.0160","volume":"20","author":"J D\u2019Arcy","year":"2009","unstructured":"D\u2019Arcy, J., Hovav, A., & Galletta, D. (2009). User awareness of security countermeasures and its impact on information systems misuse: a deterrence approach. Information Systems Research, 20(1), 79\u201398.","journal-title":"Information Systems Research"},{"issue":"1","key":"9411_CR19","doi-asserted-by":"crossref","first-page":"67","DOI":"10.2307\/41166154","volume":"45","author":"A Dutta","year":"2002","unstructured":"Dutta, A., & Mccrohan, K. (2002). Management\u2019s role in information security in a cyber economy. California Management Review, 45(1), 67\u201387.","journal-title":"California Management Review"},{"issue":"3","key":"9411_CR20","doi-asserted-by":"crossref","first-page":"595","DOI":"10.2307\/25750693","volume":"34","author":"MR Galbreth","year":"2010","unstructured":"Galbreth, M. R., & Shor, M. (2010). The impact of malicious agents on the enterprise software industry. MIS Quarterly, 34(3), 595\u2013612.","journal-title":"MIS Quarterly"},{"key":"9411_CR21","unstructured":"Gal-Or, E., & Ghose, A. (2003). The economic consequences of sharing security information. Proceedings of the Second Workshop on Economics and Information Security, University of Maryland."},{"issue":"2","key":"9411_CR22","doi-asserted-by":"crossref","first-page":"186","DOI":"10.1287\/isre.1050.0053","volume":"16","author":"E Gal-Or","year":"2005","unstructured":"Gal-Or, E., & Ghose, A. (2005). The economic incentives for sharing security information. Information Systems Research, 16(2), 186\u2013208.","journal-title":"Information Systems Research"},{"issue":"3","key":"9411_CR23","doi-asserted-by":"crossref","first-page":"207","DOI":"10.1016\/j.mathsocsci.2012.02.004","volume":"63","author":"X Gao","year":"2012","unstructured":"Gao, X., Zhong, W., & Mei, S. (2012a). On local stability of Cournot models with simultaneous and sequential decisions. Mathematical Social Sciences, 63(3), 207\u2013212.","journal-title":"Mathematical Social Sciences"},{"key":"9411_CR24","doi-asserted-by":"crossref","unstructured":"Gao, X., Zhong, W., Mei, S. (2012b). Stochastic evolutionary game dynamics and their selection mechanisms. Computational Economics, 41(2), 233\u2013247.","DOI":"10.1007\/s10614-012-9320-4"},{"issue":"4","key":"9411_CR25","doi-asserted-by":"crossref","first-page":"438","DOI":"10.1145\/581271.581274","volume":"5","author":"LA Gordon","year":"2002","unstructured":"Gordon, L. A., & Loeb, M. P. (2002). The economics of information security investment. ACM Transactions on Information and System Security, 5(4), 438\u2013457.","journal-title":"ACM Transactions on Information and System Security"},{"issue":"5","key":"9411_CR26","doi-asserted-by":"crossref","first-page":"335","DOI":"10.1007\/s10796-006-9010-7","volume":"8","author":"LA Gordon","year":"2006","unstructured":"Gordon, L. A., & Loeb, M. P. (2006). Economic aspects of information security: an emerging field of research. Information Systems Frontiers, 8(5), 335\u2013337.","journal-title":"Information Systems Frontiers"},{"key":"9411_CR27","unstructured":"Gordon, L. A., Alumni, E. Y., Loeb, M. P., Lucyshyn, W. (2002). An economics perspective on the sharing of information related to security breaches: Concepts and empirical evidence. Workshop on Economics and Information Security, University of California, Berkeley."},{"issue":"6","key":"9411_CR28","doi-asserted-by":"crossref","first-page":"461","DOI":"10.1016\/j.jaccpubpol.2003.09.001","volume":"22","author":"LA Gordon","year":"2003","unstructured":"Gordon, L. A., Loeb, M. P., & Lucyshyn, W. (2003a). Sharing information on computer systems security: an economic analysis. Journal of Accounting and Public Policy, 22(6), 461\u2013485.","journal-title":"Journal of Accounting and Public Policy"},{"issue":"2","key":"9411_CR29","first-page":"1","volume":"19","author":"LA Gordon","year":"2003","unstructured":"Gordon, L. A., Loeb, M. P., & Lucyshyn, W. (2003b). Information security expenditures and real options: a wait-and-see approach. Computer Security Journal, 19(2), 1\u20137.","journal-title":"Computer Security Journal"},{"issue":"30","key":"9411_CR30","doi-asserted-by":"crossref","first-page":"4879","DOI":"10.1080\/00036846.2010.498364","volume":"43","author":"JH Hahm","year":"2011","unstructured":"Hahm, J. H., & Lee, S. (2011). Economic effects of positive credit information sharing: the case of Korea. Applied Economics, 43(30), 4879\u20134890.","journal-title":"Applied Economics"},{"issue":"3","key":"9411_CR31","doi-asserted-by":"crossref","first-page":"463","DOI":"10.1016\/j.dss.2003.11.004","volume":"39","author":"JT Hamill","year":"2005","unstructured":"Hamill, J. T., Deckro, R. F., & Kloeber, J. M., Jr. (2005). Evaluating information assurance strategies. Decision Support Systems, 39(3), 463\u2013484.","journal-title":"Decision Support Systems"},{"issue":"3\u20134","key":"9411_CR32","doi-asserted-by":"crossref","first-page":"128","DOI":"10.1016\/j.ijcip.2010.07.001","volume":"3","author":"F Hare","year":"2010","unstructured":"Hare, F., & Goldstein, J. (2010). The interdependent security problem in the defense industrial base: an agent-based model on a social network. International Journal of Critical Infrastructure Protection, 3(3\u20134), 128\u2013139.","journal-title":"International Journal of Critical Infrastructure Protection"},{"issue":"6","key":"9411_CR33","doi-asserted-by":"crossref","first-page":"629","DOI":"10.1016\/j.jaccpubpol.2006.09.001","volume":"25","author":"K Hausken","year":"2006","unstructured":"Hausken, K. (2006a). Income, interdependence, and substitution effects affecting incentives for security investment. Journal of Accounting and Public Policy, 25(6), 629\u2013665.","journal-title":"Journal of Accounting and Public Policy"},{"issue":"5","key":"9411_CR34","doi-asserted-by":"crossref","first-page":"338","DOI":"10.1007\/s10796-006-9011-6","volume":"8","author":"K Hausken","year":"2006","unstructured":"Hausken, K. (2006b). Returns to information security investment: the effect of alternative information security breach functions on optimal investment and sensitivity to vulnerability. Information Systems Frontiers, 8(5), 338\u2013349.","journal-title":"Information Systems Frontiers"},{"issue":"6","key":"9411_CR35","doi-asserted-by":"crossref","first-page":"639","DOI":"10.1016\/j.jaccpubpol.2007.10.001","volume":"26","author":"K Hausken","year":"2007","unstructured":"Hausken, K. (2007). Information sharing among firms and cyber attacks. Journal of Accounting and Public Policy, 26(6), 639\u2013688.","journal-title":"Journal of Accounting and Public Policy"},{"issue":"1","key":"9411_CR36","first-page":"13","volume":"5","author":"K Hausken","year":"2009","unstructured":"Hausken, K. (2009). Strategic defense and attack of complex networks. International Journal of Performability Engineering, 5(1), 13\u201330.","journal-title":"International Journal of Performability Engineering"},{"issue":"12","key":"9411_CR37","doi-asserted-by":"crossref","first-page":"1135","DOI":"10.1080\/13504851.2011.615729","volume":"19","author":"K Hausken","year":"2012","unstructured":"Hausken, K. (2012). The economics of terrorism against two targets. Applied Economics Letters, 19(12), 1135\u20131138.","journal-title":"Applied Economics Letters"},{"issue":"3","key":"9411_CR38","doi-asserted-by":"crossref","first-page":"621","DOI":"10.1111\/j.1539-6924.2007.00904.x","volume":"27","author":"G Heal","year":"2007","unstructured":"Heal, G., & Kunreuther, H. (2007). Modeling interdependent risks. Risk Analysis, 27(3), 621\u2013634.","journal-title":"Risk Analysis"},{"issue":"3","key":"9411_CR39","doi-asserted-by":"crossref","first-page":"337","DOI":"10.2753\/MIS0742-1222250310","volume":"25","author":"H Herath","year":"2009","unstructured":"Herath, H., & Harath, T. (2009). Investments in information security: a real options perspective with Bayesian postaudit. Journal of Management Information Systems, 25(3), 337\u2013375.","journal-title":"Journal of Management Information Systems"},{"issue":"2","key":"9411_CR40","doi-asserted-by":"crossref","first-page":"793","DOI":"10.1016\/j.ijpe.2008.04.002","volume":"114","author":"D Huang","year":"2008","unstructured":"Huang, D., Qing, H., & Ravi, B. (2008). An economic analysis of the optimal information security investment in the case of a risk-averse firm. International Journal of Production Economics, 114(2), 793\u2013804.","journal-title":"International Journal of Production Economics"},{"issue":"3","key":"9411_CR41","doi-asserted-by":"crossref","first-page":"449","DOI":"10.1016\/S0378-4266(02)00387-4","volume":"27","author":"JG Kallberg","year":"2003","unstructured":"Kallberg, J. G., & Udell, G. F. (2003). The value of private sector business credit information sharing: the US case. Journal of Banking & Finance, 27(3), 449\u2013469.","journal-title":"Journal of Banking & Finance"},{"issue":"5","key":"9411_CR42","doi-asserted-by":"crossref","first-page":"726","DOI":"10.1287\/mnsc.1040.0357","volume":"51","author":"K Kannan","year":"2005","unstructured":"Kannan, K., & Telang, R. (2005). Market for software vulnerabilities? think again. Management Science, 51(5), 726\u2013740.","journal-title":"Management Science"},{"issue":"3","key":"9411_CR43","doi-asserted-by":"crossref","first-page":"66","DOI":"10.1145\/2093548.2093568","volume":"55","author":"SH Kim","year":"2012","unstructured":"Kim, S. H., Wang, Q., & Ulrich, J. B. (2012). A comparative study of cyberattacks. Communications of the ACM, 55(3), 66\u201373.","journal-title":"Communications of the ACM"},{"issue":"4","key":"9411_CR44","doi-asserted-by":"crossref","first-page":"941","DOI":"10.1007\/s10845-010-0402-7","volume":"23","author":"HK Kong","year":"2012","unstructured":"Kong, H. K., Kim, T. S., & Kim, J. (2012). An analysis on effects of information security investments: a BSC perspective. Journal of Intelligent Manufacturing, 23(4), 941\u2013953.","journal-title":"Journal of Intelligent Manufacturing"},{"issue":"1","key":"9411_CR45","doi-asserted-by":"crossref","first-page":"33","DOI":"10.1109\/MSP.2006.27","volume":"4","author":"N Kshetri","year":"2006","unstructured":"Kshetri, N. (2006). The simple economics of cybercrimes. IEEE Security & Privacy, 4(1), 33\u201339.","journal-title":"IEEE Security & Privacy"},{"issue":"12","key":"9411_CR46","doi-asserted-by":"crossref","first-page":"141","DOI":"10.1145\/1610252.1610288","volume":"52","author":"N Kshetri","year":"2009","unstructured":"Kshetri, N. (2009). Positive externality, increasing returns and the rise in cybercrimes. Communications of the ACM, 52(12), 141\u2013144.","journal-title":"Communications of the ACM"},{"issue":"2\u20133","key":"9411_CR47","doi-asserted-by":"crossref","first-page":"231","DOI":"10.1023\/A:1024119208153","volume":"26","author":"H Kunreuther","year":"2003","unstructured":"Kunreuther, H., & Heal, G. (2003). Interdependent security. Journal of Risk and Uncertainty, 26(2\u20133), 231\u2013249.","journal-title":"Journal of Risk and Uncertainty"},{"issue":"2","key":"9411_CR48","doi-asserted-by":"crossref","first-page":"375","DOI":"10.1007\/s10796-010-9253-1","volume":"14","author":"M Lee","year":"2012","unstructured":"Lee, M., & Lee, J. (2012). The impact of information security failure on customer behaviors: a study on a large-scale hacking incident on the Internet. Information Systems Frontiers, 14(2), 375\u2013393.","journal-title":"Information Systems Frontiers"},{"issue":"2","key":"9411_CR49","first-page":"511","volume":"1","author":"P Leeson","year":"2006","unstructured":"Leeson, P., & Coyne, C. J. (2006). The economics of computer hacking. Journal of Law, Economics and Policy, 1(2), 511\u2013532.","journal-title":"Journal of Law, Economics and Policy"},{"issue":"1","key":"9411_CR50","doi-asserted-by":"crossref","first-page":"43","DOI":"10.1007\/BF01053880","volume":"75","author":"W Leininger","year":"1993","unstructured":"Leininger, W. (1993). More efficient rent-seeking: a M\u00fcnchhausen solution. Public Choice, 75(1), 43\u201362.","journal-title":"Public Choice"},{"issue":"1","key":"9411_CR51","doi-asserted-by":"crossref","first-page":"95","DOI":"10.1016\/j.dss.2011.05.007","volume":"52","author":"D Liu","year":"2011","unstructured":"Liu, D., Ji, Y., & Mookerjee, V. (2011). Knowledge sharing and investment decisions in information security. Decision Support Systems, 52(1), 95\u2013107.","journal-title":"Decision Support Systems"},{"issue":"3","key":"9411_CR52","doi-asserted-by":"crossref","first-page":"606","DOI":"10.1287\/isre.1100.0341","volume":"22","author":"V Mookerjee","year":"2011","unstructured":"Mookerjee, V., Mookerjee, R., Bensoussan, A., & Yue, W. T. (2011). When hackers talk: managing information security under variable attack rates and knowledge dissemination. Information Systems Research, 22(3), 606\u2013623.","journal-title":"Information Systems Research"},{"issue":"4","key":"9411_CR53","doi-asserted-by":"crossref","first-page":"293","DOI":"10.1007\/s10799-006-0278-6","volume":"7","author":"TA Pardo","year":"2006","unstructured":"Pardo, T. A., Cresswell, A. M., Thompson, F., & Zhang, J. (2006). Knowledge sharing in cross-boundary information system development in the public sector. Information Technology and Management, 7(4), 293\u2013313.","journal-title":"Information Technology and Management"},{"issue":"2","key":"9411_CR54","doi-asserted-by":"crossref","first-page":"125","DOI":"10.2753\/MIS0742-1222250206","volume":"25","author":"IPL Png","year":"2008","unstructured":"Png, I. P. L., Wang, C. Y., & Wang, Q. H. (2008). The deterrent and displacement effects of information security enforcement: international evidence. Journal of Management Information Systems, 25(2), 125\u2013144.","journal-title":"Journal of Management Information Systems"},{"issue":"8","key":"9411_CR55","doi-asserted-by":"crossref","first-page":"579","DOI":"10.1016\/j.cose.2006.08.001","volume":"25","author":"JCH Ryan","year":"2006","unstructured":"Ryan, J. C. H., & Ryan, D. J. (2006). Expected benefits of information security investments. Computers & Security, 25(8), 579\u2013588.","journal-title":"Computers & Security"},{"issue":"2","key":"9411_CR56","doi-asserted-by":"crossref","first-page":"283","DOI":"10.1007\/BF01213906","volume":"7","author":"S Skaperdas","year":"1996","unstructured":"Skaperdas, S. (1996). Contest success functions. Economic Theory, 7(2), 283\u2013290.","journal-title":"Economic Theory"},{"issue":"1","key":"9411_CR57","doi-asserted-by":"crossref","first-page":"37","DOI":"10.1016\/j.jaccpubpol.2004.12.003","volume":"24","author":"H Tanaka","year":"2005","unstructured":"Tanaka, H., Matsuura, K., & Sudoh, O. (2005). Vulnerability and information security investment: an empirical analysis of e-local government in Japan. Journal of Accounting and Public Policy, 24(1), 37\u201359.","journal-title":"Journal of Accounting and Public Policy"},{"issue":"8","key":"9411_CR58","doi-asserted-by":"crossref","first-page":"544","DOI":"10.1109\/TSE.2007.70712","volume":"33","author":"R Telang","year":"2007","unstructured":"Telang, R., & Wattal, S. (2007). An empirical analysis of the impact of software vulnerability announcements on firm stock price. IEEE Transactions on Software Engineering, 33(8), 544\u2013557.","journal-title":"IEEE Transactions on Software Engineering"},{"issue":"1","key":"9411_CR59","doi-asserted-by":"crossref","first-page":"35","DOI":"10.1287\/deca.1030.0001","volume":"1","author":"JW Ulvila","year":"2004","unstructured":"Ulvila, J. W., & Gaffney, J. E. (2004). A decision analysis method for evaluating computer intrusion detection systems. Decision Analysis, 1(1), 35\u201350.","journal-title":"Decision Analysis"},{"issue":"1","key":"9411_CR60","doi-asserted-by":"crossref","first-page":"2008","DOI":"10.1287\/isre.1070.0143","volume":"19","author":"J Wang","year":"2008","unstructured":"Wang, J., Chaudhury, A., & Rao, H. R. (2008). A value-at-risk approach to information security investment. Information Systems Research, 19(1), 2008.","journal-title":"Information Systems Research"},{"issue":"8","key":"9411_CR61","doi-asserted-by":"crossref","first-page":"91","DOI":"10.1145\/859670.859675","volume":"46","author":"ME Whitman","year":"2003","unstructured":"Whitman, M. E. (2003). Enemy at the gate: threats to information security. Communications of the ACM, 46(8), 91\u201395.","journal-title":"Communications of the ACM"},{"issue":"4","key":"9411_CR62","doi-asserted-by":"crossref","first-page":"281","DOI":"10.1080\/10580530701585823","volume":"24","author":"R Young","year":"2007","unstructured":"Young, R., Zhang, L., & Prybutoka, V. R. (2007). Hacking into the minds of hackers. Information Systems Management, 24(4), 281\u2013287.","journal-title":"Information Systems Management"},{"issue":"1","key":"9411_CR63","doi-asserted-by":"crossref","first-page":"133","DOI":"10.1111\/j.1467-8411.2011.01278.x","volume":"25","author":"R Zhang","year":"2011","unstructured":"Zhang, R. (2011). The role of information sharing in trade credit distribution: evidence from Thailand. Asian-Pacific Economic Literature, 25(1), 133\u2013149.","journal-title":"Asian-Pacific Economic Literature"},{"issue":"4","key":"9411_CR64","doi-asserted-by":"crossref","first-page":"811","DOI":"10.1016\/j.dss.2008.02.006","volume":"45","author":"X Zhao","year":"2008","unstructured":"Zhao, X., Fang, F., & Whinston, A. B. (2008). An economic mechanism for better Internet security. Decision Support Systems, 45(4), 811\u2013821.","journal-title":"Decision Support Systems"},{"issue":"2","key":"9411_CR65","doi-asserted-by":"crossref","first-page":"131","DOI":"10.1080\/00137911003775107","volume":"55","author":"J Zhuang","year":"2010","unstructured":"Zhuang, J. (2010). Impacts of subsidized security on stability and total social costs of equilibrium solutions in an n-player game with errors. The Engineering Economist, 55(2), 131\u2013149.","journal-title":"The Engineering Economist"},{"issue":"1","key":"9411_CR66","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1080\/00137910601159722","volume":"52","author":"J Zhuang","year":"2007","unstructured":"Zhuang, J., Bier, V. M., & Gupta, A. (2007). Subsidies in interdependent security with heterogeneous discount rates. The Engineering Economist, 52(1), 1\u201319.","journal-title":"The Engineering Economist"}],"container-title":["Information Systems Frontiers"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10796-013-9411-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10796-013-9411-3\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10796-013-9411-3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,7,10]],"date-time":"2019-07-10T01:14:00Z","timestamp":1562721240000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10796-013-9411-3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,2,23]]},"references-count":66,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2015,4]]}},"alternative-id":["9411"],"URL":"https:\/\/doi.org\/10.1007\/s10796-013-9411-3","relation":{},"ISSN":["1387-3326","1572-9419"],"issn-type":[{"value":"1387-3326","type":"print"},{"value":"1572-9419","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013,2,23]]}}}