CAE Lecture Series - August 29, 2024

Research Presentation and NSA Speaker

Nathan S. Evans
Last updated on Aug 21, 2024 News, Updates, Events

Details

Available data on firm cybersecurity often exhibits a positive correlation between investment in security precautions and cyber-attacks since investments are often made after a firm has been breached. Using survey data from Israeli firms about their cyber defenses, we overcome the endogeneity obstacle using an instrumental variable (IV) drawn from questions about a cybersecurity directive. The resulting regressions examine the causal relationship between security precautions potentially undertaken by enterprises and the likelihood of experiencing a cyber-incident. Once suitably instrumented and controlling for characteristics that make some firms more attractive attack targets than others, we find robust evidence that increased adoption of security controls does in fact reduce the likelihood of being breached.

Topic: Empirically Evaluating the Effect of Security Precautions on Cyber Incidents Date: August 29th, 2024 Time: Noon-2pm (Mountain time) Location: Microsoft Teams meeting Meeting ID: 254178154588 Passcode: 9gSU5j

Click here to join the meeting

Original flyer PDF

CAE cybersecurity lecture series
Nathan S. Evans
Nathan S. Evans
Teaching Associate Professor, Academic Director for Cyber Security, University of Denver

Research includes networking, network security, software security and systems.