Cybersecurity investments with nonlinear budget constraints: Analysis of the marginal expected utilities

Abstract

In this paper, we consider a recently introduced cybersecurity investment supply chain game theory model consisting of retailers and consumers at demand markets with the retailers being faced with nonlinear budget constraints on their cybersecurity investments. We construct a novel reformulation of the derived variational inequality formulation of the governing Nash equilibrium conditions. The reformulation then allows us to exploit and analyze the Lagrange multipliers associated with the bounds on the product transactions and the cybersecurity levels associated with the retailers to gain insights into the economic market forces. We provide an analysis of the marginal expected transaction utilities and of the marginal expected cybersecurity investment utilities. We then establish some stability results for the financial damages associated with a cyberattack faced by the retailers. The theoretical framework is subsequently applied to numerical examples to illustrate its applicability.