The Law and Economics of Software Security

Security in software networks relies on technology, law, and economics. As the cost of software security breaches becomes more apparent, there has been greater interest in developing and implementing solutions for different parts of the problem. In this paper, we provide the first comprehensive assessment of the software security issue that uses a law and economics framework. We begin by offering a definition of software security that illustrates the complexity of the problem. We then review and critique the literature assessing the costs of software security. Finally, we evaluate a number of legal, economic and technical approaches for addressing security problems.