How To Stay Ahead of Cyber Risk

Effective Cybersecurity Requires an Interdisciplinary Approach

Dec 04, 2019

SMITH BRAIN TRUST  Cyber risk can come from data breaches or cyber attacks, but to really root out cyber threats and prepare for risks, organizations need to take a new approach. Efforts must extend beyond computer science to pull fields such as behavioral science, economics, law, management science and political science, according to a new article published in Science magazine.

Maryland Smith’s Lawrence A. Gordon collaborated with 18 other researchers from institutions around the world on the article that lays out how to advance the science of cyber risk by taking an interdisciplinary research approach. The article also discusses the barriers to the approach.

“By addressing cyber risk terminology, standards, and implementation principles in a cross-disciplinary fashion, such guidance can be interpretable and usable by a wide variety of companies and nonprofit and governmental organizations that have different agendas,” the researchers write. “Diversity of thought will likely contribute to richer cyber risk insights. There is also value to classifying the variety of cyber risks so that they can be addressed appropriately.”

The authors concede avoiding all cyber risk is unrealistic, but they point to ways to decrease risk in some scenarios, includings designing and building software and hardware systems to avoid certain security issues. They say organizations could also minimize cyber risk by “minimizing the use of connected computing systems in certain environments.”

The researchers say a concrete step toward reducing cyber risk is to share information about threats to help other organizations prevent similar future attacks, and they push for that with the article.

“Given the critical nature of cyber risk in today's interconnected digital world, this article should resonate with anyone interested in issues related to cyber risk, privacy, and/or cybersecurity,” Gordon says.

Gordon, Smith’s EY Alumni Professor of Managerial Accounting and Information Assurance, is considered a pioneer in the area of cybersecurity economics. Gordon and Smith professor Martin P. Loeb developed a mathematical framework, the Gordon-Loeb model, to help organizations figure out how much they should invest in cybersecurity.

Cyber Risk Research Impeded by Disciplinary Barriers” is featured in the Nov. 29, 2019 issue of Science.



About the Expert(s)

Lawrence A. Gordon

Lawrence A. Gordon is an internationally known scholar in the area of managerial accounting. His work focuses on such issues as performance measures, economic aspects of information security, cost management systems, the interface between managerial accounting and information technology, and capital investments. Gordon is considered to be one of the pioneers in the emerging field of cybersecurity economics.

Martin Loeb

Martin P. Loeb is a professor of accounting and information assurance and a Deloitte & Touche faculty fellow at the Robert H. Smith School of Business, University of Maryland, College Park. He is a researcher in the Maryland Cybersecurity Center. Loeb’s early research was in economic mechanism design, incentive regulation, cost allocations, and cost-based procurement contracting. His recent research has focused on issues in cybersecurity economics. 

More In


High Time for Changing How Pot Is Taxed?

Fifteen states now have legal medical and recreational pot use, 21 have legal medical use, and just 14 say cannabis is not legal for any reason.

Dec 15, 2020
Name that Sector: Poised for Comeback After Two Tough Years

The year 2018 saw a pretty robust economy in the United States. But one sector slid about 1.7%, adjusted for inflation. Any guesses which one?

Dec 15, 2020
WFH and Your Tax Return: A Guide

For many workers, the pandemic has meant working from home, often for months on end. But what does 10 months of remote work mean for your 2020 tax return?

Dec 02, 2020
Robert H. Smith School of Business
Map of Robert H. Smith School of Business
University of Maryland
Robert H. Smith School of Business
Van Munching Hall
College Park MD 20742