When to Treat Security Risks with Cyber Insurance
作者: Per Hakon Meland , Fredrik Seehusen
DOI: 10.1109/CYBERSA.2018.8551456
关键词:
摘要: Transferring security risk to a third party through cyber insurance is an unfamiliar playing field for lot of organisations, and therefore many hesitate make such investments. Indeed, there general need affordable practical ways performing quantification when determining treatment options. To address this concern, we propose lightweight, data-driven approach organisations evaluate their own insurance. A generic model, populated with available industry averages, used as starting point. Individual can instantiate model obtain profile themselves related relevant threats. The then together estimate the benefit basis comparing offers from different providers.
bibsys.no 参考文章(17)
Frank Innerhofer-Oberperfler, Ruth Breu, Potential Rating Indicators for Cyberinsurance: An Exploratory Qualitative Study Economics of Information Security and Privacy. pp. 249- 278 ,(2010) , 10.1007/978-1-4419-6967-5_13
Benjamin Johnson, Rainer Böhme, Jens Grossklags, Security games with market insurance decision and game theory for security. pp. 117- 130 ,(2011) , 10.1007/978-3-642-25280-8_11
Jart Armin, Bryn Thompson, Davide Ariu, Giorgio Giacinto, Fabio Roli, Piotr Kijewski, 2020 Cybercrime Economic Costs: No Measure No Solution availability, reliability and security. pp. 701- 710 ,(2015) , 10.1109/ARES.2015.56
Christian Biener, Martin Eling, Jan Hendrik Wirfs, Insurability of Cyber Risk: An Empirical Analysis Geneva Papers on Risk and Insurance-issues and Practice. ,vol. 40, pp. 131- 158 ,(2015) , 10.1057/GPP.2014.19
Tridib Bandyopadhyay, Vijay S. Mookerjee, Ram C. Rao, Why IT managers don't go for cyber-insurance products Communications of The ACM. ,vol. 52, pp. 68- 73 ,(2009) , 10.1145/1592761.1592780
Arunabha Mukhopadhyay, Samir Chatterjee, Debashis Saha, Ambuj Mahanti, Samir K. Sadhukhan, Cyber-risk decision models: To insure IT or not? decision support systems. ,vol. 56, pp. 11- 26 ,(2013) , 10.1016/J.DSS.2013.04.004
Lawrence A. Gordon, Martin P. Loeb, Tashfeen Sohail, A framework for using insurance for cyber-risk management Communications of The ACM. ,vol. 46, pp. 81- 85 ,(2003) , 10.1145/636772.636774
Le Minh Sang Tran, Bjørnar Solhaug, Ketil Stølen, An Approach to Select Cost-Effective Risk Countermeasures Lecture Notes in Computer Science. pp. 266- 273 ,(2013) , 10.1007/978-3-642-39256-6_18
Athanassios N. Yannacopoulos, Costas Lambrinoudakis, Stefanos Gritzalis, Stylianos Z. Xanthopoulos, Sokratis N. Katsikas, Modeling Privacy Insurance Contracts and Their Utilization in Risk Management for ICT Firms european symposium on research in computer security. pp. 207- 222 ,(2008) , 10.1007/978-3-540-88313-5_14
Ranjan Pal, Leana Golubchik, Analyzing Self-Defense Investments in Internet Security under Cyber-Insurance Coverage international conference on distributed computing systems. pp. 339- 347 ,(2010) , 10.1109/ICDCS.2010.79