520 likes | 616 Views
Microeconomics of Business Decision-Making. MBA 641 James Madison University. Week 1: Introduction. MBA 641 faculty. Bill Grant Bill Wood Brian O’Roark. Introduction to these videos. Part of MBA 641 course delivery, which also includes in-person kickoff and online meetings
E N D
Microeconomics ofBusiness Decision-Making MBA 641James Madison University
MBA 641 faculty • Bill Grant • Bill Wood • Brian O’Roark
Introduction to these videos • Part of MBA 641 course delivery, which also includes in-person kickoff and online meetings • Coordinated with text materials
Video features • Classic Content, developed for earlier cohorts (blue slide background) • Micro Updates, to introduce recent developments (green slide background) • Information Applications, to provide specific connections with the information industries (green slide background)
Rules of the course • For details, consult the class syllabus, which is available in hard copy and online
Microeconomics • Microeconomics is the study of individual decision-makers and markets • The field of economics most closely related to business decision-making • Within microeconomics, the most closely related subfield is “Industrial Organization” • Information economics emphasis
What we’ll study • The relationships between and among • Market structure • Market conduct • Market performance • Connections with management, finance, marketing
“Industry” and “industrial” • By themselves, words often imply old-line markets like steel and autos • Not the intention here • Methods we’ll study are those used by economists, analysts, judges and lawyers for analyzing any market – New Economy or old
Economics ofinformation security • Economics is the study of choice under scarcity • Scarcity is the inability to satisfy all wants at the same time • We do not have the ability to achieve perfect information security • Therefore, we choose
Costs and benefits • In economics, we choose by considering costs and benefits of actions • Nichols, Ryan and Ryan (2000, pages 70-76) contains a framework for assessing costs and benefits
The output • In ordinary service and manufacturing operations, the output is what we sell to make money • The output of information security is confidentiality, integrity and availability • We can express (but not measure) output of information security as “probability of not experiencing” a given failure
A continuum • Risk is the antithesis of security • At far left on the line below, there are high levels of risk and low levels of security • At far right, low risk and high security High risk Low risk Low security High security
Costs of information security • Starting from a highly insecure operation, basic security measures (sound passwords, for example) increase security at low cost • As we become more secure, the cost gets greater and greater • Realistically, we never get to complete security • Focus is on costs of defense
Security cost curve (Also known as defense profile)
Benefits of information security • Starting from a highly insecure operation, benefits of information security are high • However, the more secure you get, the less value additional security has • There comes a point at which additional security is not cost-justified • Emphasis is on avoiding damage
Security benefit curve (Also known as damage profile)
A security equilibrium • Nichols, Ryan and Ryan don’t think their equation (p. 70) can be used to make a quantitative determination of risk level • Neither does the diagram you’re about to see make such a claim • However, we can usefully think about information security in the context of the diagram
Find the “X” (Where the damage profile intersects the defense profile)
How the security optimum changes • We don’t have control over our defense profile when an adversary acts strategically • Developments in countermeasures can affect costs of security (defense profile) • When vulnerability goes up, damage profile higher (more benefit to security) • When impact of threat goes up, damage profile higher (more benefit to security)
Summary • Sound decisions about risk and security require consideration of the security optimum • We have seen how a number of different developments can affect what the optimum is
What do firms do? • “Maximize profit,” but it’s not that simple • This has become an area of research called “Firms’ Objectives and Strategic Behavior”
Firms maximize profit • Beginning assumption • Assumes firms are maximizing long-term profit, or, “the (stock market) value of the firm” • Why not just ask?
Difficulty: firms can’t maximize • Managers can’t calculate MR = MC • But managers do it intuitively • The wide receiver and the quarterback • Costs of Administrative Command go up with size (Coase) • Opportunistic behavior occurs (Williamson)
More difficulties • Shirking in team behavior • Team output is greater than the sum of the outputs produced by individual members of the team • Still, compensation by team gives members an incentive to loaf, or “shirk” • Agency costs: costs that a principal incurs to see that an agent acts as expected
Difficulty: firms won’t maximize • This requires • Market power • Separation of ownership from control (Berle and Means) • But what else could they maximize? • Sales (Baumol) • Utility (Williamson)
Utility maximization • Some choices a firm makes directly affect the happiness of executives • Charitable donations, flight arrangements, thickness of carpet
What if they don’t maximize? • To “satisfice” is to settle for less than the maximum profit • Possible in a non-competitive environment
Complications • Uncertainty, with asymmetric rewards to managers • In some organizations managers get • Small rewards for successes • Big penalties for failures • Inevitable result: The CYA attitude • (lack of creativity, risk taking)
So why assume profit-max? • With all these complications, why do we still assume firms maximize profits? • Three last-ditch defenses
1. The takeover threat • If a firm does not maximize profits, the firm’s stock will reflect that poor performance • A takeover artist will buy up the firm, kick the lazy managers out, make big money
2. Survival of the firm • In good times, even non-maximizing firms survive • In recessions, only the profit-maximizers survive • Over time, we observe only profit-maximizers remaining
3. Stock options • Executives are increasingly compensated according to the company’s stock value • One leading mechanism: stock options • Makes executives more interested in maximizing profits • Imprecise mechanism at best
Summary • There are many difficulties and complications that keep firms from maximizing profits • But there are countering forces that leave profit maximization still the most common assumption for how firms behave
Micro Update • Theory of the firm holds up well. • Basic information security model holds up well. • The models haven’t changed, but the examples have.
Changes in infosec threats: 1 • Hand-held devices have spread and multiplied. • Users demand access to organizational resources. • Access implies vulnerability.
Changes in infosec threats: 2 • Social networking has increased. • Not just personal, but also a business strategy for many. • Social networking reduces security
Changes in infosec threats: 3 • Malicious software has reached a new level of sophistication. • Stuxnet:"Countries hostile to the United States may feel justified in launching their own attacks against US facilities, perhaps even using a modified Stuxnet code," ISIS concluded. "Such an attack could shut down large portions of national power grids or other critical infrastructure using malware designed to target critical components inside a major system, causing a national emergency." Source: The Christian Science Monitor http://www.csmonitor.com/USA/2011/0103/Stuxnet-attack-on-Iran-nuclear-program-came-about-a-year-ago-report-says
Primary fact • The most important economic fact about information’s costs is: Information is costly to produce but cheap to reproduce
Primary strategy issue • A key strategy issue in information economics is: The tension between giving away information (to let people know what you have to offer) and charging for it to receive revenue