The economic status of information security came to the intellectual fore around 2000. As is the case with innovations it arose simultaneously in multiple venues.

In 2000, Ross Anderson wrote, . Anderson explained that a significant difficulty in optimal development of security technology is that incentives must be aligned with the technology to enable rational adoption. Thus, economic insights should be integrated into technical design. A security technology should enable the party at risk to