Economics‎ > ‎

The Economics of Security

posted Mar 21, 2012, 12:06 PM by Simon Nguyen   [ updated Mar 21, 2012, 12:08 PM ]
Imagine living in a lawless country – Somalia, for example. It would be nearly possible to carry out daily activities due to a lack of security. Consumer demand is likely to be stagnant; businesses are probably non-existent.

Unquestionably, security is the most important prerequisite for a strong country and a vibrant economy. This is precisely why most countries set aside a large portion of their annual budget for national defense and law enforcement.

One of my former professors was an expert on nuclear security. He used to head a special task force whose responsibility was to inspect nuclear facilities for possible security loopholes. The guy was renowned for employing unusual methods of inspection. One time, he had an attractive young woman of Eastern European descent working as undercover agent at a nuclear facility.

After a few flirtatious exchanges, the gorgeous agent was able to bewitch the security guards into spewing out secret security information. I wonder what it is about attractive women of Eastern European descent that leave men spellbinded; the KGB was very good at exploiting this weakness during the Cold War.

In recent years, the scope of security has expanded to encompass the World Wide Web. This is due to the fact that Internet browsing has become an essential component of daily life. But without a secure online environment, people will be less enthusiastic about conducting research and personal business via the web. The sense of insecurity will slow down technological progress and impede economic expansion.

Today’s computer engineers are tasked with designing not only the most useful software but also the most secure software. When I was an engineer, I used to be part of a team specialized in protecting web users from identity theft. What frustrates engineers like me the most is the carelessness of many computer users. Many instances of identity theft occur due to the failure of web users (even on public computers) to do something as simple as logging out of their online account after each use.

The most effective way to prevent this problem is to enable online sessions to expire after a period of inactivity. However, determining how much time to allow for inactivity is typically the factor that induces a lot of headaches. This is due to the fact that the inactivity may be due to a person forgetting to log out, or simply due to the person taking a short respite to take care some personal business (e.g. going to the restroom).

In both the cases of the unsuspecting security guard and the careless computer user, human weaknesses were the biggest impediments. No amount of security can fully compensate for it. 

Simon Nguyen, M.A. Economics