The Workshop on the Economics of Information Security was established in 2002 to bring together computer scientists and economists to understand and improve the poor state of information security practice. WEIS was borne out of a realization that security often fails for non-technical reasons. Rather, the incentives of both - fender and attacker must be considered. Earlier workshops have answered questions ranging from?nding optimal levels of security investement to understanding why privacy has been eroded. In the process, WEIS has attracted participation from the diverse?elds such as law, management and psychology. WEIS has now established itself as the leading forum for interdisciplinary scholarship on information security. The eigth installment of the conference returned to the United Kingdom, hosted byUniversityCollegeLondononJune24-25,2009.Approximately100researchers, practitioners and government of?cials from across the globe convened in London to hear presentations from authors of 21 peer-reviewed papers, in addition to a panel and keynote lectures from Hal Varian (Google), Bruce Schneier (BT Co- terpane), Martin Sadler (HP Labs), and Robert Coles (Merrill Lynch). Angela Sasse and David Pym chaired the conference, while Christos Ioannidis and Tyler Moore chaired the program committee.

The Workshop on the Economics of Information Security was established in 2002 to bring together computer scientists and economists to understand and improve the poor state of information security practice. WEIS was borne out of a realization that security often fails for non-technical reasons. Rather, the incentives of both - fender and attacker must be considered. Earlier workshops have answered questions ranging from?nding optimal levels of security investement to understanding why privacy has been eroded. In the process, WEIS has attracted participation from the diverse?elds such as law, management and psychology. WEIS has now established itself as the leading forum for interdisciplinary scholarship on information security. The eigth installment of the conference returned to the United Kingdom, hosted byUniversityCollegeLondononJune24-25,2009.Approximately100researchers, practitioners and government of?cials from across the globe convened in London to hear presentations from authors of 21 peer-reviewed papers, in addition to a panel and keynote lectures from Hal Varian (Google), Bruce Schneier (BT Co- terpane), Martin Sadler (HP Labs), and Robert Coles (Merrill Lynch). Angela Sasse and David Pym chaired the conference, while Christos Ioannidis and Tyler Moore chaired the program committee.

This book constitutes revised selected papers from the 5th International Workshop on Graphical Models for Security, GraMSec 2018, held in Oxford, UK, in July 2018. The 7 full papers presented in this volume were carefully reviewed and selected from 21 submissions. The book also contains one invited talk. The contributions deal with the latest research and developments on graphical models for security.