Economic Research On The Governance Of Network Security Loopholes

At present,network security has become the core component of national security,and plays an increasingly important role in the key links and basic guarantee of economic and social development.In recent years,China's development of key core technologies in the process of the rise of a great power has been repeatedly restrained and suppressed.In particular,the software and hardware products used in China's core network system are all subject to the control of other countries.There are a large number of vulnerabilities in these network products,which bring huge security risks.Practice shows that efforts to develop and innovate technologies cannot completely solve the network security problems caused by vulnerabilities in network products,because the network security problem is not a pure technical problem,it also involves capital investment,economic governance,operation strategy and other economic aspects.Therefore,carrying out the network security vulnerability management economics research,analyzing the mechanism of network security problem and the inner motivation,studying the incentive such as investment management,information economics behavior influence on network security,making optimization analysis of network security supply from the Angle of the whole society,and giving policy advice of the network security vulnerability management,is an important research topic to deal with the current complex international security situation and the situation of the development of social construction.Combining with the traditional economics theory,introducing the theory of complex network and network game tools,this article will carry out in-depth economic research on the governance of network security vulnerabilities revolving ‘the network security vulnerability management the theoretical basis of economics',‘node inside governance: the micro market main body of investment incentives and strategy',‘between nodes governance: vulnerability market governance investment incentives and strategy',‘the government's network security vulnerability management under market failure',‘policy Suggestions to optimize the network security vulnerability management' and other issues.Firstly,Economic analysis of network security.From the perspective of network product vulnerability,network enterprises and national network public governance,this paper studies the economic motivation of network security by combining traditional economic methods.The problem of adverse selection of network products,bilateral moral hazard and insufficient demand for network security in the current network market,as well as insufficient private supply at the national level,are the important reasons for the difficulty in solving the problem.On this basis,combining the theory of complex network and the view of topological mechanism,a network security governance framework based on ‘network nodes-network nodes-the whole network'is proposed.Secondly,‘Intra-node' governance: investment incentives and strategies of micro market players.‘Intra-node' refers to individual enterprises,individuals and other micro-market entities,while ‘intra-node' governance refers to the investment incentives and strategies of these micro-market entities.By analyzing the two situations of enterprise network protection and threat one by one,we construct the cost-revenue model,study how ‘nodes' within the micro market main body according to the type of cyber threats to the optimization of security investment strategy,at the same time make comparative analysis of different kinds of security threats,and the influence of enterprise's own security measure investment on the government's network security governance,so as to find and satisfy the overall social network safety and security measures cost between the optimal strategy.Thirdly,‘node to node' governance: Investment incentive and strategy of vulnerability market transaction governance.‘Internode' refers to a number of enterprises,individuals and other market proposal subjects,and ‘internode' governance refers to the market transaction investment incentives and strategies of these market proposal subjects.Based on asymmetric information theory,this paper focuses on the information incentive problem between network "nodes",and helps consumers to understand and master the real situation of network security by establishing the vulnerability information trading market and studying the security signal display mechanism.We discuss the formation mechanism and basic characteristics of the vulnerability market.By building the transaction model of vulnerability information and the patch management strategy model,we obtain the optimal coordination management strategy of the release cycle of vendor vulnerability and the upgrade cycle of consumer vulnerability by comprehensively considering the way of vendors and consumers.Fourthly,Government network security vulnerability management under ‘market failure'.In essence,network security is a public product.In the case of market failure,the government needs to play its role,intervene in the public product market,actively allocate resources,establish an external network security environment,encourage private enterprises to invest,complete the transformation of network security operation attributes,and deploy the structure and process of network security deployment.Firstly,the development of autonomous and controllable operating system is taken as an example to illustrate the problems existing in the technology industrialization of network security.Then,an asymmetric oligopoly industrial investment game model is established,which takes into account two kinds of uncertain factors: market volatility and emergency.The market is described by mathematical model,and the management strategy of safety responsibility and behavior is given.Finally,this paper puts forward policy suggestions to optimize network security vulnerability governance.In view of the market failure of network security governance,it is necessary for the government,organizations,enterprises and individuals to jointly participate in the governance of network security,so as to achieve ‘overall network'security.This paper gives policy suggestions to optimize the governance of network security vulnerabilities from four aspects,namely,clarifying the market mechanism of network security vulnerabilities,strengthening the government regulation of network security vulnerabilities,optimizing the management strategy of network security vulnerabilities and promoting the collaborative governance of network security vulnerabilities.