costbenefitanalysis – SSL and internet security news

Estimating the Cost of Internet Insecurity

January 29, 2018 infossl

academicpapers, costbenefitanalysis, cybercrime, economicsofsecurity, Security technology, symantec

It’s really hard to estimate the cost of an insecure Internet. Studies are all over the map. A methodical study by RAND is the best work I’ve seen at trying to put a number on this. The results are, well, all over the map: “Estimating the Global Cost of Cyber Risk: Methodology and Examples“: Abstract: … Read More “Estimating the Cost of Internet Insecurity” »

“Security for the High-Risk User”

November 22, 2016 infossl

academicpapers, citizenlab, costbenefitanalysis, risks, Security technology

Interesting paper. John Scott-Railton on securing the high-risk user. Powered by WPeMatico

Privacy Makes Workers More Productive

October 21, 2016 infossl

costbenefitanalysis, privacy, Security technology, surveillance

Interesting research. Powered by WPeMatico

The Hacking of Yahoo

September 30, 2016 infossl

costbenefitanalysis, hacking, Security technology, securitypolicies, yahoo

Last week, Yahoo! announced that it was hacked pretty massively in 2014. Over half a billion usernames and passwords were affected, making this the largest data breach of all time. Yahoo! claimed it was a government that did it: A recent investigation by Yahoo! Inc. has confirmed that a copy of certain user account information … Read More “The Hacking of Yahoo” »

The Cost of Cyberattacks Is Less than You Might Think

September 29, 2016 infossl

academicpapers, costbenefitanalysis, cyberattack, cybersecurity, databreaches, externalities, nationalsecuritypolicy, nist, reputation, Security technology, securityengineering, securitystandards

Interesting research from Sasha Romanosky at RAND: Abstract: In 2013, the US President signed an executive order designed to help secure the nation’s critical infrastructure from cyberattacks. As part of that order, he directed the National Institute for Standards and Technology (NIST) to develop a framework that would become an authoritative source for information security … Read More “The Cost of Cyberattacks Is Less than You Might Think” »

The Obsolescence of Submarines

February 19, 2015 infossl

concealment, costbenefitanalysis, defense, nationalsecuritypolicy, Security technology

Interesting article on the submarine arms race between remaining hidden and detection. It seems that it is much more expensive for a submarine to hide than it is to detect it. And this changing balance will affect the long-term viability of submarines. Powered by WPeMatico

Economic Failures of HTTPS Encryption

November 28, 2014 infossl

academicpapers, certificates, costbenefitanalysis, economicsofsecurity, externalities, https, Security technology, vulnerabilities

Interesting paper: “Security Collapse of the HTTPS Market.” From the conclusion: Recent breaches at CAs have exposed several systemic vulnerabilities and market failures inherent in the current HTTPS authentication model: the security of the entire ecosystem suffers if any of the hundreds of CAs is compromised (weakest link); browsers are unable to revoke trust in … Read More “Economic Failures of HTTPS Encryption” »