I'm at the 3rd day of Workshop on Economics of Information Security (WEIS) at Penn State. The focus of this day is to provide input and ideas to the Science & Technology (S&T) Directorate in US Department of Homeland Security regarding R&D on cyber economics and incentives.
Here is the 2007 working paper I co-authored: "Incentive-based Cyber Trust -- A Call to Action". I think many of the arguments and ideas are still relevant. (It's long -- 27 pages -- but I think readers will be rewarded.)
Here are my slides.