What is the economic impact of cyber terrorism? Can organizations achieve strategic advantage in the cyber terrorism game? A general game theoretical model is proposed to study the optimal information systems (ISs) security investment and then applied to compare the losses caused by cyber terrorists and common hackers. Literature is reviewed on IS security, game theoretical models of IS security, cyber terrorism, cyber deterrence and IS security breach function. Simulations with varying levels of attacker's preference, breach function sensitivity and deterrence level are carried out to determine sensitivity to the optimal IS security investment. Results suggest that organizations should invest more to protect their strategic information systems against cyber terrorists who have long-term goals.
