• Gordon, Lawrence A., Martin P. Loeb, and William Lucyshyn, “Sharing Information on Computer Systems: An Economic Analysis,” Journal of Accounting and Public Policy, Vol. 22, No. 6, 2003, pp. 461-485.

The U.S. federal government has fostered a movement toward sharing information concerning computer security, with particular emphasis on protecting critical infrastructure assets that are largely owned by the private sector. This paper presents a model to examine the welfare economic implications of this movement. It is shown that, since information sharing lowers the cost of each firm attaining any given level of information security, there are potential benefits for individual firms and society at large from sharing. However, it is also shown that in the absence of appropriate economic incentive mechanisms, each firm will attempt to free ride on the security expenditures of other firms (i.e., renege from the sharing agreement and refuse to share information).