Economics of Cybersecurity MOOC

Security economics is a thriving research discipline, kicked off in 2001 with Ross Anderson’s seminal paper. There has been an annual workshop since 2002. In recent years there has also been an effort to integrate some of the key concepts and findings into course curricula, including in the Part II Security course at Cambridge and my own course at SMU.

We are pleased to announce that on 20 January 2015, we will launch an online course on the Economics of Cybersecurity, as part of edX Professional Education. The course provides a thorough introduction to the field, delivered by leading researchers from Delft University of Technology, University of Cambridge, University of Münster and Southern Methodist University

The course will provide you with the economic concepts, measurement approaches and data analytics to make better security decisions, as well as understand the forces that shape the security decisions of other actors in the ecosystem of information goods and services. It covers five main areas:

  1. Introduction to key concepts in the economics of cybersecurity. Here, we provide an overview of the properties of information goods and how this shapes the security in these markets.
  2. Measurements and empirical research into security issues, decisions and incentives of actors. We analyze data on security incidents in different markets, as well apply economic concepts to explain the strategies of attackers and defenders.
  3. Economics of information security investment. We discuss and apply different economic models that help determine the costs and benefits of security investments.
  4. Market failures and policy interventions. We discuss available economic tools to better align the incentives for cybersecurity, including better technologies, security metrics, cyber insurance and risk transfer, information sharing, and liability assignment.
  5. Human behaviour. We explore the lessons from behavioral economics to understand the heuristics and biases of actors when they diverge from what is considered rational behaviour in conventional economic theory.

After successfully completing this course, you will be able to position yourself as a vital subject matter expert regarding the economic drivers that influence cybersecurity. The e-learning course and case studies provide a solid fundamental understanding of the economics of cybersecurity as discipline. We believe these new resources will help to raise the awareness among those of you in the profession today -as well as those of you with a future in cybersecurity – about the role that you can play in helping us to ensure a more secure society.

For more details about the course content and cost, as well as registration, please visit the website:

Please note that this course is designed as part of edX’s professional series, so it’s targeted at executive education. We also plan to offer a more traditional MOOC covering these topics but geared toward graduate students and researchers later next Spring.

We hope you will join us!

4 thoughts on “Economics of Cybersecurity MOOC

  1. While I did find the course interesting and did manage to convince management here at my employer to pay for the course, I’ve decided not to, based on the ridiculous sign-up procedures that have. I am not going to provide you with a photo id nor am I going to hook up a web cam so my id can be verified. The only possible reason for this nonsense that I can discern is the desire on edx’s part to do more intrusive data mining than even Facebook and Google perform on their “customers”. I am surprised that someone blogging on a site that is, ostensibly at least, concerned with security and privacy, would condone that sort of behaviour.

  2. Brendan, thank you for your feedback. I share your concerns. We have gotten the same response from several other prospective participants and have raised the issue with edX. We want the platform to offer a paid, but non-ID Verified option.

    It is understandable, but also a real shame that this issue discourages participants. There is no intrusive data mining or other nefarious activity going on. ID Verified is a normal requirement for regular bachelor and master students who want to get credits from their university for taking online courses. But this standard model is not appropriate for MOOCs focused on professionals. EdX has never catered to professionals before and did not anticipate this issue . We have raised it with them and are really hoping they take care of this soon. Perhaps you can check the site again early January?

  3. I have read the edX terms of service and I am reasonably comfortable with them.
    Given the stature of the edX partners I feel it is unlikely that they would compromise their reputations by using the dubious practices alleged.
    I see the reason for the rigour in the identity authentication as a legitimate way to provide integrity and assurance for their ID verified certificates.
    Sadly we know of many instances where unethical individuals attempt to subvert education processes to claim credits they are not entitled to.

  4. It looks like registration for this course is now closed. Was this pilot successful enough that we might see it again in the future? Are you aware of any similar courses available online?

Leave a Reply

Your email address will not be published. Required fields are marked *