Cybersecurity is essential for ensuring economic stability, safeguarding digital assets, and maintaining trust in an increasingly digitized economy. This paper applies a game-theoretic framework to analyse the strategic decision-making process between attackers and defenders, with a particular focus on firms’ investments in cybersecurity innovation. Building upon Garcia and Horowitz’s model (2007), the study incorporates government interventions, subsidies, tax reductions, and mandatory standards to address market failures, interdependencies, and free-riding behaviour. The results of this study demonstrate the efficacy of governmental policies in aligning private incentives with the broader interests of society, particularly in the context of promoting increased investment in cybersecurity. The analysis demonstrates the pivotal function that well-designed interventions can play in mitigating systems-level risk and enhancing group security. The numerical simulations employed in this study effectively capture the reactions of firms to government support, particularly in the context of varying probabilities for the occurrence of cyberattacks.
Innovation in Preventing Cybersecurity Attacks: Policy Implications from a Game Theory Perspective
Giovanna Bimonte;Fabio Carlucci;Luigi Senatore
;Barbara Trincone
2025
Abstract
Cybersecurity is essential for ensuring economic stability, safeguarding digital assets, and maintaining trust in an increasingly digitized economy. This paper applies a game-theoretic framework to analyse the strategic decision-making process between attackers and defenders, with a particular focus on firms’ investments in cybersecurity innovation. Building upon Garcia and Horowitz’s model (2007), the study incorporates government interventions, subsidies, tax reductions, and mandatory standards to address market failures, interdependencies, and free-riding behaviour. The results of this study demonstrate the efficacy of governmental policies in aligning private incentives with the broader interests of society, particularly in the context of promoting increased investment in cybersecurity. The analysis demonstrates the pivotal function that well-designed interventions can play in mitigating systems-level risk and enhancing group security. The numerical simulations employed in this study effectively capture the reactions of firms to government support, particularly in the context of varying probabilities for the occurrence of cyberattacks.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.