Until now, the evolution of cyber security has been largely driven by market demand and has developed in the absence of formal governance. However, in the post-9/11 world and with an increase in cyber attacks, government's role in cyber security has become a major policy issue. This paper contends that economic principles have been excluded from the debate about who should provide cyber security. This paper seeks to fill this gap. We postulate that an analysis of cyber security in the absence of economic considerations is incomplete. Toward this end, we employ several economic concepts in order to offer insight to policymakers involved in this debate. In doing so, we hope to shed light on the most effective means of securing the Internet.
View the article at JLEP.net.