Estimates for Reasonable Data Breach Prevention

Estimates for Reasonable Data Breach Prevention


Sarah Oh


George Mason University, Department of Economics, Students

June 12, 2015
Abstract:

Firms spend operating costs to mitigate the risk of data breach events. However, firms may not know how much to spend to prevent data breach events with varying incidence frequencies. I present a model that estimates the relationship of breach prevention spending to breach incidence rates for individual firms. After constructing a likelihood function, I use simulated results to show parameter estimates for a range of spending and breach frequencies. Probabilities for counterfactual scenarios are available as well. This model can accommodate variation in firm size, security spending, incidence frequency, and breach types. Estimates can show whether a firm’s breach prevention efforts fall within a range of industry averages.

Download This Paper

Number of Pages in PDF File: 22

Keywords: Data breach prevention, Data breach litigation

JEL Classification: K20, K40, L20

Related posts:

Read previous post:
3512-000027
Hazlett in TIME: How to Neuter the Net Revolution

The Internet can't innovate living under the rules of a 1970s telephone company. “The Internet revolution has ended just as...

Close