Gary Shiffman and Ravi Gupta have written an interesting new article: "Crowdsourcing cyber security: a property rights view of exclusion and theft on the information commons." From the abstract:
Individuals increasingly rely upon the internet for basic economic interaction. Current cyber security mechanisms are unable to stop adversaries and hackers from gaining access to sensitive information stored on government, business, and public computers. Experts propose implementing attribution and audit frameworks in cyberspace to deter, prevent, and prosecute cyber criminals and attackers. However, this method faces significant policy and resource constraints. Social science research, specifically in law and economics, concerning common-pool resources suggests an organic approach to cyber security may yield an appropriate solution. This cyber commons method involves treating the internet as a commons and encouraging individuals and institutions to voluntarily implement innovative and adaptive monitoring mechanisms. Such mechanisms are already in use and in many cases have proven more effective than attribution mechanisms in resisting and tracing the source of cyber attacks.
I confess that it speaks to my own preconceptions, but its worth a read for anyone and everyone who is interested in the topic.