Abstract
In financial markets, clients entrust their capital and data to financial infrastructure providers who are vulnerable to breaches. We develop a model in which infrastructure providers compete to provide secure and efficient client services, in the presence of a cyber-attacker. In equilibrium, provider competition leads to both lower fees and security investment, but potentially greater vulnerability, in comparison to a monopolistic platform. We find that providers prefer to consolidate into a single platform, whereas clients prefer a fragmented infrastructure. The inefficiency of consolidated providers stems from under-investment in security when the market is small, and over-investment when the market is large. Policy makers should be wary of consolidation of critical financial infrastructure, as the impacts to security do not compensate clients for the increase in fees. Instead, minimum security investment requirements may improve security in competitive environments while yielding higher utility than the comparable monopoly platform.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
