Beyond the Prisoner’s Dilemma: Using the Game Theory Security Model to Develop Robust Information Security Policies

Abstract

In this research I explore and apply game theory to security policy creation and maintenance for network, mobile, and Internet of Things systems. After introducing game theory’s tenets, I describe the generational development of information security policy and how contemporary socio-technical policy formation fails to address the dynamic nature of ubiquitous computing. Next I assert that the Game Theory Security Model (GTSM) can protect networked, mobile, and IoT systems from a diversity of cyberattacks. Using the zero-sum game strategy, in which losses are a requirement for wins (Davis, 1983), I propose organizational strategies necessary to achieve a state of pragmatic equilibrium (Gintis, 2009, 2011). Further using this model, I recommend policies an organization can implement to minimize data loss and protect critical systems. Finally, I will test the GTSM’s viability through a series of software implementations in diverse contexts. The paper ends with recommendations for effectively implementing the GTSM