4 research outputs found
Cyber-warranties as a quality signal for information security products
Consumers struggle to distinguish between the quality of
different enterprise security products. Evaluating performance is complicated
by the stochastic nature of losses. It is recognised that this
information asymmetry may lead to a "market for lemons" in which
suppliers face no incentive to provide higher quality products. Some security
vendors have begun to offer cyber-warranties - voluntary ex-ante
obligations to indemnify the customer in the event of a cyber attack -
to function as a quality signal. Much like how consumer protection laws
are relatively more costly to firms offering low quality products, cyberwarranties
are more costly for firms developing low quality enterprise
security products. In this paper, we introduce a decision-theoretic model
to explore how consumers might use cyber-warranties to increase information
when purchasing security products. Our analysis derives four inferences
that consumers can make about a security product. We discuss
the difficulties customers might face in using these inferences to make
real world decisions