Saturday, September 7, 2019

Computer Security Essay Example | Topics and Well Written Essays - 750 words - 3

Computer Security - Essay Example Their main result being that vulnerability disclosures mostly lead to a negative and critical change in the market value for a software developer. A solid base for the formation of their argument against information sharing is due to the realization that on average, a vendor loses approximately 0.6% value in stock price when a vulnerability is reported; This being about a 0.86$ billion loss per vulnerability announcement. The Organization of Internet Safety (OIS) defines security vulnerability as a flaw within a software system that can cause it to work against its original design and make it prone to outside manipulation. With the rapid advancement in technology and the internet evolution information sharing has peaked to a new level. This despite its advantages in terms of rapid information sharing also brings to surface the increased chances of vulnerabilities being exposed. As a result not only are software security products like firewalls at a risk but software like operating sy stems and enterprise software can also be manipulated to create security related attacks; Hence providing another aspect that goes against information sharing due to the presence of vulnerabilities. Further examples in terms of a study by NIST in 2002 can be observed which estimated the cost of faulty software at $60 bn per year. Most prominent are incidents like Cod Red virus and the Melissa virus in which hackers exploited flaws in the software and caused enormous damages. Moving on to some arguments in favor of information sharing despite the existence of vulnerabilities we see that prior literature suggests that software defects don’t necessarily lead to a loss in market value of firm. This is due to two main reasons; firstly because the End User License Agreement limits the liability of the software developers encouraging them to facilitate information sharing despite the costs. Second due to the general philosophy held by software stakeholders that it is a uniquely comp lex product which will have understandable defects. A key example here is that of the numerous vulnerabilities present in Microsoft and yet its products are not associated in any way with low quality simply because of the huge user base that it holds in terms of information sharing. Arora, Telang and Xu (2004) look at a more optimistic picture of the vulnerability aspect and argue in favor of information sharing as their study leads them to the conclusion that disclosure can force vendors to release patches quickly. Arora, Caulkins and Telang (2003) follow suit and they discover that larger software vendors find it optimal to rush product into market and then invest in post launch patching hence saving overall product costs and using vulnerability to their advantage. Externality is defined by economists as a situation in which an individual’s actions have economic repercussions for others. It is important to note that in these instances the fact that there is no compensation is of critical importance. Externalities are divided into positive and negative. In negative externality the consequences are mostly known, for example the effects of environmental pollution caused by a plant and the way it might have an impact on the neighboring

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.