Differential Effects of Prior Experience on the Malware Resolution Process

In stock
SKU
38.3.02
Links
$15.00
Abstract
Despite growing interest in the economic and policy aspects of information security, little academic research has used field data to examine the development process of a security countermeasure provider. In this paper, we empirically examine the learning process a security software developer undergoes in resolving a malware problem. Using the data collected from a leading antivirus software company in Asia, we study the differential effects of experience on the malware resolution process. Our findings reveal that general knowledge from cross-family experience has greater impact than specific knowledge from within-family experience on performance in the malware resolution process. We also examine the factors that drive the differential effects of prior experience. Interestingly, our data show that cross-family experience is more effective than within-family experience in malware resolution when malware targets the general public than when a specific victim is targeted. Similar results—for example, the higher (lower) effect of cross-family (within-family) experience— were observed in the presence of information sharing among software vendors or during a disruption caused by a catastrophe. Our study contributes to a better understanding of the specific expertise required for security countermeasure providers to be able to respond under varying conditions to fast-evolving malware. 12/9/13
Additional Details
Author Seung Hyun Kim and Byung Cho Kim
Year 2014
Volume 38
Issue 3
Keywords Information security, economics of information systems, learning curve, antivirus software, malware, targeted attack, information sharing, catastrophe, knowledge retention
Page Numbers 655-678
Copyright © 2021 MISQ. All rights reserved.