Software security is an important concern for vendors, consumers, and regulators since attackers who exploit vulnerabilities can cause significant damage. In this brief paper, I discuss key themes in the budding literature on the economics of cyber-security. My primary focus is on how economics incentives affect the major issues and themes in information security. Two important themes relevant for the economics of cyber security issues are (i) a security externality and (ii) a network effect that arises in the case of computer software. A nascent economics literature has begun to examine the interaction between vulnerability disclosure, patching, product prices and profits.