Cybersecurity has become a priority for organizations and governments due to the expeditious growth of information systems and networks in daily businesses. In this thesis, I first examine how security could be improved in a business environment. In the first study, I explore the regulatory options in improving the social welfare from a security service market. I identify two major sources of deficiency in such a market: incentive misalignment and information asymmetry. Based on a stylish analytical model, I propose that self-regulation is sufficient to solve the problem of misaligned incentive given the availability of audit trail, and government intervention with taxation is required to tackle the issue of information asymmetry. In the second study, I investigate the effect of a natio...[ Read more ]

Cybersecurity has become a priority for organizations and governments due to the expeditious growth of information systems and networks in daily businesses. In this thesis, I first examine how security could be improved in a business environment. In the first study, I explore the regulatory options in improving the social welfare from a security service market. I identify two major sources of deficiency in such a market: incentive misalignment and information asymmetry. Based on a stylish analytical model, I propose that self-regulation is sufficient to solve the problem of misaligned incentive given the availability of audit trail, and government intervention with taxation is required to tackle the issue of information asymmetry. In the second study, I investigate the effect of a national security measure in the context of China and Australia. The difference-in-difference econometric model shows that implementing the national filter scheme weaken security, and further analysis suggests that the use of circumvention tools from users contributed most to this result. Besides policy analyses in cybersecurity, in the third study, I inspect the economics characteristics in cryptocurrency – a system empowered by cybersecurity in design for value transfer. Extending from the Mussa-Rosen model of choice on product quality, I find that the overwhelming transaction cost of cryptocurrency is caused by network congestion due to the capacity constraint. The empirical analysis with Bitcoin further supports this finding. These results offer important economics insight for firms, lawmakers and developers in designing security policies and solutions.