Cybersecurity is essential for ensuring economic stability, safeguarding digital assets, and maintaining trust in an increasingly digitized economy. This paper applies a game-theoretic framework to analyse the strategic decision-making process between attackers and defenders, with a particular focus on firms’ investments in cybersecurity innovation. Building upon Garcia and Horowitz’s model (2007), the study incorporates government interventions, subsidies, tax reductions, and mandatory standards to address market failures, interdependencies, and free-riding behaviour. The results of this study demonstrate the efficacy of governmental policies in aligning private incentives with the broader interests of society, particularly in the context of promoting increased investment in cybersecurity. The analysis demonstrates the pivotal function that well-designed interventions can play in mitigating systems-level risk and enhancing group security. The numerical simulations employed in this study effectively capture the reactions of firms to government support, particularly in the context of varying probabilities for the occurrence of cyberattacks.

Innovation in Preventing Cybersecurity Attacks: Policy Implications from a Game Theory Perspective

Giovanna Bimonte;Fabio Carlucci;Luigi Senatore
;
Barbara Trincone
2025

Abstract

Cybersecurity is essential for ensuring economic stability, safeguarding digital assets, and maintaining trust in an increasingly digitized economy. This paper applies a game-theoretic framework to analyse the strategic decision-making process between attackers and defenders, with a particular focus on firms’ investments in cybersecurity innovation. Building upon Garcia and Horowitz’s model (2007), the study incorporates government interventions, subsidies, tax reductions, and mandatory standards to address market failures, interdependencies, and free-riding behaviour. The results of this study demonstrate the efficacy of governmental policies in aligning private incentives with the broader interests of society, particularly in the context of promoting increased investment in cybersecurity. The analysis demonstrates the pivotal function that well-designed interventions can play in mitigating systems-level risk and enhancing group security. The numerical simulations employed in this study effectively capture the reactions of firms to government support, particularly in the context of varying probabilities for the occurrence of cyberattacks.
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11386/4910197
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact