CALL FOR PAPERS ________________________________________________________________________________ The 11th Annual Workshop on the Economic of Information Security (WEIS 2012) Berlin, Germany, June 25-26, 2012 Information security and privacy continue to grow in importance, as threats proliferate, privacy erodes, and attackers find new sources of value. Yet the security of information systems and the privacy offered by them depends on more than just technology. Each requires an understanding of the incentives and trade-offs inherent to the behavior of people and organizations. As society's dependence on information technology has deepened, policy-makers have taken notice. Now more than ever, careful research is needed to characterize accurately threats and countermeasures, in both the public and private sectors. The Workshop on the Economics of Information Security (WEIS) is the leading forum for interdisciplinary scholarship on information security and privacy, combining expertise from the fields of economics, social science, business, law, policy, and computer science. Prior workshops have explored the role of incentives between attackers and defenders of information systems, identified market failures surrounding Internet security, quantified risks of personal data disclosure, and assessed investments in cyber-defense. The 2012 workshop will build on past efforts using empirical and analytic tools not only to understand threats, but also to strengthen security and privacy through novel evaluations of available solutions. We encourage economists, computer scientists, legal scholars, business school researchers, security and privacy specialists, as well as industry experts to submit their research and participate by attending the workshop. Suggested topics include (but are not limited to) empirical and theoretical studies of: - Optimal investment in information security - Models and analysis of online crime (including botnets, phishing, and spam) - Risk management and cyber-insurance - Security standards and regulation - Cyber-security policy - Security models and metrics - Economics of privacy and anonymity - Behavioral security and privacy - Vulnerability discovery, disclosure, and patching - Cyber-defense strategy and game theory - Incentives for information sharing and cooperation Submitted manuscripts should represent significant and novel research contributions. WEIS has no formal formatting guidelines. Previous contributors spanned fields from economics and psychology to computer science and law, each with different norms and expectations about manuscript length and formatting. Advisable rules of thumb include: using past WEIS accepted papers as templates and adhering to your community's publication standards. A selection of papers accepted to this workshop will be invited to appear in an edited volume targeted to policy-makers, managers, researchers, and practitioners. For more information please email: info@weis2012.econinfosec.org or visit http://weis2012.econinfosec.org. #### IMPORTANT DATES Submissions due 24 February 2012 Notification of acceptance 13 April 2012 Final papers due 1 June 2012 Workshop 25-26 June 2012 #### PROGRAM CHAIR * Rainer Boehme - University of Muenster PROGRAM COMMITTEE * Alessandro Acquisti - Carnegie Mellon University * Ross Anderson - University of Cambridge * Rainer Boehme - University of Muenster * L. Jean Camp - Indiana University * Jonathan Cave - RAND Europe * Huseyin Cavusoglu - University of Texas at Dallas * Nicolas Christin - Carnegie Mellon University * Benjamin Edelman - Harvard Business School * Michel van Eeten - Delft University of Technology * Jeremy Epstein - SRI International * Allan Friedman - Brookings Institution * Neil Gandal - Tel Aviv University * Dan Geer - In-Q-Tel * Lawrence Gordon - University of Maryland * Jens Grossklags - Penn State University * Thorsten Holz - Ruhr-University Bochum * Jean-Pierre Hubaux - EPFL Lausanne * Nicola Jentzsch - DIW Berlin * M. Eric Johnson - Dartmouth Tuck School of Business * Martin Loeb - University of Maryland * Kanta Matsuura - University of Tokyo * Tyler Moore - Wellesley College * Andrew Odlyzko - University of Minnesota * David Pym - University of Aberdeen * Brent Rowe - RTI International * Stuart Schechter - Microsoft Research * Bruce Schneier - BT Counterpane * Richard Sullivan - Federal Reserve Bank of Kansas City * Rahul Telang - Carnegie Mellon University * Catherine Tucker - MIT * Liad Wagman - Illinois Institute of Technology * Rick Wash - Michigan State University GENERAL CHAIRS * Gert G. Wagner - DIW Berlin * Nicola Jentzsch - DIW Berlin