Category Archives: Security

Data breaches matter...in the short term

In the past, a few studies addressed the problem of understanding the impact of a data breach suffered by a company on the company's value (see, e.g. the paper "The effect of internet security breach announcements on market value" by Cavusoglu … Continue reading

Posted in Privacy, Security | Tagged , , , , | Leave a comment

Some old data on data breaches

Data breaches are always a concern, so that data on their diffusion and ensuing damages are always welcome. I've just read a recently published paper on the subject: "Towards a Model for Data Breaches: An Universal Problem for the Public". … Continue reading

Posted in Security | Tagged , | Leave a comment

The Annual Privacy Forum 2014

Last week I was in Athens to attend the Annual Privacy Forum, jointly organized by a mixed set of organizations: ENISA (the European Union Agency for Network and Information Security), the European Commission (Directorate General for Communications Networks, Content and Technology), … Continue reading

Posted in Privacy, Security | Tagged , | Leave a comment

The right price for our personal data

For a long time academic researchers have tried to understand how much people value their privacy, i.e., their personal data in a panorama where information about customers' habits and attitudes is the key to more profitable business. The answers have … Continue reading

Posted in Information economics, Security | Tagged , , , | Leave a comment

A look at GECON 2013

Last month I have attended the GECON 2013 conference. The long name of the conference is The 10th International Conference on Economics of Grids, Clouds, Systems, and Services. Very well hosted by the colleagues at the University of Zaragoza in Spain, … Continue reading

Posted in Cloud computing, Information economics, Security | Tagged , , , , | Leave a comment

The role of customers in data breach events and security investments

In the most established model to evaluate the effectiveness of security investments by Gordon and Loeb, the probability of data breaches is represented as a function of investments only. The more the company invests to protect the data of its … Continue reading

Posted in Security | Tagged , , | Leave a comment

If the provider has to compensate for data breaches...

....revenues can be the right basis to do it. Proposals for holding the service provider liable for damages suffered by its customers due to data breaches have been submitted in the past. In our papers "Liability for Data Breaches: A … Continue reading

Posted in Security | Tagged , , , | Leave a comment

Our paper on security investment accepted at NSS conference

Our paper "Liability for data breaches: a proposal for a revenue-based sanctioning approach", concerning the use of sanctions to spur security investments, has been accepted for presentation at the 7th International Conference on Network and System Security (NSS 2013), to be … Continue reading

Posted in Security | Tagged , , | Leave a comment

Lack of cloud security may add hidden costs...

In a video interview,  Char Sample, CERT security solutions engineer, highlights security problems in clouds and suggests that the search for efficiency and cost reduction may lead to the cloud being prone to attacks, so that cloud migration may not be … Continue reading

Posted in Cloud computing, Security | Tagged , , , | Leave a comment