Skip to main content

Security and Privacy Risk Management in Organizations

Researchers: Nicolas Christin, Anupam Datta

Cross Cutting Thrusts: Business Risk Analysis and Economic Implications


Scope:  Develop mathematical models that can be used to analyze security and privacy risks in organizations and prescribe mechanisms for mitigating such risks. Provide a basis for socially beneficial public policy design, in particular, to ensure that it is in the self-interest of organizations to take measures to protect privacy of customers.

Outcomes:  Provide mathematical foundations necessary to describe the incentive structures of the different actors participating in complex, interdependent security scenarios, and to prescribe mechanisms to ensure a favorable outcome from a societal point of view.

Technical Reports: Are Security Experts Useful? Bayesian Nash Equilibria for Network Security Games with Limited Information | Dissecting One Click Frauds