DP5269 | Internet Security, Vulnerability Disclosure and Software Provision

Publication Date

23/10/2005

JEL Code(s)

  • L86, O3

Keyword(s)

  • Internet security, Vulnerabilities, Software, network effects

Programme Area(s)

  • Industrial Organization

Abstract

In this paper, we examine how software vulnerabilities affect firms that license software and consumers that purchase software. In particular, we model three decisions of the firm: (i) an upfront investment in the quality of the software to reduce potential vulnerabilities; (ii) a policy decision whether to announce vulnerabilities; and (iii) a price for the software. We also model two decisions of the consumer: (i) whether to purchase the software; and (ii) whether to apply a patch.