Scaled Back Cybersecuruty

Seems to be a case of prisoners dilema. The security of any one network
is to some extent at the mercy of all other connected networks. The
overall security of the network is only as strong as it's weakest link.
In a highly competitive market place there is going to be little
incentive to invest in security if it will just be compromised by your
cost cutting competitors.

If this is the case then the question is what kind of intervention is
necessary to prevent a prisoners dilema and allow something like a Nash
Equilibrium - the bar scene in A Beautiful Mind where they fight over
the hottie blonde... Basically where a set of strategies for security
are arranged so that each player believes that it is doing the best it
can (most personal gain) given the strategies of the other players.

The current state appears to be that many providers do little to nothing
to provide for security, so each player adjust their strategy
accordingly resulting in the prisoners dilema. It seems to get beyond
this you have to bring up the lowest common denominator so that strategy
is not based on networks doing nothing. How do you get the worst
offenders to improve the lowest common denominator. Purchasing
requirements, subsidies, taxes, regulation??? Maybe a bunch of economic
voodoo, but might be a different way of looking at the issue.