Economics of Cybersecurity: Business Strategies and Policy Interventions
Source: https://learningforlife.tudelft.nl/economics-of-cybersecurity-business-strategies-and-policy-interventions/ Parent: https://learningforlife.tudelft.nl/our-courses/
Share webpage
- Define the main organization-level solutions to security failures.
- Evaluate the strengths and weaknesses of each organization-level solution in a specific context.
- Define the main market-level solutions to security failures.
- Evaluate the strengths and weaknesses of each market-level solution in a specific context.
Start date Mar 25, 2026
€ 1.145,-
- Type Course
- Admission open until
The deadline to register for this course.
Mar 25, 2026 - Location Online - Pacing Instructor-paced - Length
For instructor paced courses this is the length of the course.
For self-paced courses this is the length of the course if you spend the amount of time per week as specified. You're free to go faster or slower as you see fit.
6 Weeks - Effort 4 - 6 Hours per week
Add to Cart
Loading...
Subscribe to back in stock notification
Subscribe
Learn how to make informed security investments, align cybersecurity with business goals, and navigate critical areas like insurance, incident response, and more. This course brings together state-of-the-art expertise on solutions to cybersecurity failures at both the organizational and market levels.
Organizations face difficult decisions about how to manage the cybersecurity risks that they face. How much should you spend on security? How can you align security with your business strategy? What is a rational approach to managing your vulnerabilities? Should you adopt cyber insurance? After you have suffered an incident, is it better to go public or to keep it a secret?
This course, provides you with a clear way of thinking about these issues, supporting you to make better decisions. It trains professionals in IT and business to think about investment decisions, risk mitigation and insurance. It also provides boardroom-level executives with the training required under NIS2.
This course goes beyond individual organizations to address cybersecurity market failures. Issues like information asymmetry, adverse selection, and externalities lead to inefficient markets, where the costs and benefits of security risks are unevenly distributed. Some organizations benefit from stronger security, while others bear the consequences of poor security practices. How can these market failures be fixed?
The final part of the course focuses on policy solutions. We explore when proactive regulations (ex ante) are effective, and when it's better to rely on reactive liability (ex post). With new regulations in the US, EU, and Asia focusing on certification, we also ask: does this approach work? Finally, we offer insights into an often-overlooked solution: encouraging voluntary action by companies to improve cybersecurity.
These insights enable policymakers and decision makers to design better policies to improve the cybersecurity of our economy and the country at large. - Details
##### Course Syllabus
Week 1:\ In this week we will introduce key concepts for the field of security and risk management. We will also investigate what security investments are and the decision-making process associated with them.\ Topics covered this week:
- Security and risk management per-breach
- Decision theory for security investments
- Security investments and organization politics
Week 2:\ This week we will describe the different security providers’ functions and specifically focus on what cyber insurance is, as well as what possibilities there are to transfer cyber security risk.\ Topics covered this week:
- Focus on security providers
- Cyber insurance 101
- A closer look at cyber risk transfer
Week 3:\ In this week we continue our investigation of cyber risk by looking into the different risk information sharing principles and what barriers there are that inhibit it. We conclude this section with a close look at post-breach security strategies.\ Topics covered this week:
- Cyber risk information sharing
- Barriers to cyber risk information sharing
- Security and risk management post-breach
Week 4:\ This week we will explain the different policy intervention approaches at an organizational level. We will dive deep into ex-ante safety regulations as well as ex-post liability.\ Topics covered this week:
- Policy intervention overview
- Ex ante safety regulations
- Ex post liability
Week 5:\ The focus of this week is on analyzing the process of certifying products and the potential issues that arise from the certification process. We will also discuss what information disclosure is and its effects. \ Topics covered this week:
- Certifying products
- Certifying processes
- Information disclosure
Week 6:\ In this final week we will conclude the analysis of different security solutions, by looking into what data protection and breach disclosure tries to achieve, what voluntary actions are taken in practice, and what incentives are included in policy regulations. We conclude this section with a quick look at other policy responses, that we have not investigated in detail in this course.\ Topics covered this week:
- Data protection and breach disclosure
- Voluntary actions
- Regulatory “carrots”
- Other policy responses
- Qualifications
##### Certificates
If you successfully complete this course you will earn a professional education certificate and you are eligible to receive 2.5 Continuing Education Units (CEUs).
Participants are encouraged to combine this course with the course “Economics of Cybersecurity: Foundations and Measurements” and “Economics of Cybersecurity: Users and Attackers”.
##### Chartered Engineering Competences
All our online courses and programs have been matched to the competences determined by KIVI’s Competence Structure, a common frame of reference for everyone, across all disciplines, levels and roles.
These competences apply to this course:
-
A1: Extend your theoretical knowledge of new and advancing technologies.
- Admission
This course is primarily geared towards working professionals. - Contact
If you have any questions about this course or the TU Delft online learning environment, please visit our Help & Support page.
What our learners say about us
-
I found the required readings specially insightful, but the lectures were extremely useful as well.
Roy Ricaldi - The Netherlands
Read the full story - > All the courses in the program are well-structured, ensuring that all the concepts are highly engaging.
Grzegorz Czapliński - Singapore
Related Products
Press to go to carousel navigation
Start date Sep 24, 2025
4 - 6 Hours per week
€ 3.100,-
€ 3.435,-
10% off
Economics of Cybersecurity: Foundation and Measurement
Start date Sep 23, 2026
4 - 6 Hours per week
€ 916,-
€ 1.145,-
20% off
Economics of Cybersecurity: Users and Attackers
Start date Jan 20, 2027
4 - 6 Hours per week
€ 1.145,-