Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
SpringerLink
Log in

Cyber-Insurance Market

  • Living reference work entry
  • First Online:
Encyclopedia of Cryptography, Security and Privacy

  • 71 Accesses

Synonyms

Cyber-insurance economics; Cyber-liability economics

Definition

Cyber-insurance market, in its simplest form, is a platform to trade insurance policies that provide coverage against uncertain cyber risk, in return for money (premiums). It is a cyber-risk management platform designed to help businesses hedge against the potentially devastating tangible and intangible effects of cybercrimes such as malware, ransomware, distributed denial-of-service (DDoS) attacks, or any other method used to compromise a network and sensitive data.

Historical Background

Cyber-insurance products emerged in the late 1990s as a risk management tool, when information security started to become a much more prominent aspect of business operation. Although the idea looked promising in the 1980s, battered by events such as Y2K and the 9/11 attacks, the market for cyber insurance failed to thrive and remained a niche for unusual demands. Insurance coverage during most of the initial market years was...

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

References

  • Anderson R (2001) Why information security is hard-an economic perspective. In: Seventeenth annual computer security applications conference, pp 358–365

    Google Scholar 

  • Anderson R, Moore T (2007) Information security economics–and beyond. In: Annual international cryptology conference, pp 68–91

    Google Scholar 

  • Augustinos TP, Bauer L, Cappelletti A, Chaudhery J, Goddijn I, Heslault L, Kalfigkopoulos N, Katos V, Kitching N, Krotofil M, Leverett E (2016) Cyber insurance: recent advances, good practices & challenges. European Union Agency for Network and Information Security (ENISA), Brussels

    Google Scholar 

  • Berkman H, Jona J, Lee G, Soderstrom N (2018) Cybersecurity awareness and market valuations. J Account Public Policy: Elsevier 37(6):508–526

    Google Scholar 

  • Biener C, Eling M, Wirfs JH (2015) Insurability of cyber risk: an empirical analysis. Geneva Pap Risk Insur Issues Pract 40(1):131–158

    Article  Google Scholar 

  • Böhme R, Kataria G (2006) Models and measures for correlation in cyber-insurance. In: WEIS

    Google Scholar 

  • Bolton P, Dewatripont M (2005) Contract theory. MIT Press, Boston

    Google Scholar 

  • Coburn A, Leverett E, Woo G (2018) Solving cyber risk: protecting your company and society. Wiley, London

    Google Scholar 

  • Dambra S, Bilge L, Balzarotti D (2020) SoK: Cyber insurance–technical challenges and a system security roadmap. In: IEEE symposium on security and privacy (SP), pp 293–309

    Google Scholar 

  • Eling M, Wirfs J (2019) What are the actual costs of cyber risk events? Eur J Oper Res 272(3):1109–1119

    Article  Google Scholar 

  • Gao L, Calderon TG, Tang F (2020) Public companies’ cybersecurity risk disclosures. Int J Account Inf Syst. Elsevier 38:100468

    Google Scholar 

  • Hanley KW, Hoberg G (2019) Dynamic interpretation of emerging risks in the financial sector. Rev Financ Stud. Oxford University Press 32(12):4543–4603

    Google Scholar 

  • Kesan J, Majuca R, Yurcik W (2005) Cyberinsurance as a market-based solution to the problem of cybersecurity: a case study. In: Proceedings of WEIS, pp 1–46

    Google Scholar 

  • Khalili MM, Naghizadeh P, Liu M (2017) Designing cyber insurance policies in the presence of security interdependence. In: Proceedings of the 12th workshop on the Economics of networks, systems and computation, pp 1–6

    Google Scholar 

  • Laffont JJ, Martimort D (2009) The theory of incentives: the principal-agent model. Princeton University Press, New Jersey

    Google Scholar 

  • Lelarge M, Bolot J (2009) Economic incentives to increase security in the Internet: the case for insurance. In: IEEE INFOCOM 2009, pp 1494–1502

    Google Scholar 

  • Maillart T, Sornette D (2010) Heavy-tailed distribution of cyber-risks. Eur Phys J B 75(3):357–364

    Article  Google Scholar 

  • Naghizadeh P, Liu M (2014) Voluntary participation in cyber-insurance markets. In: Workshop on the economics of information security (WEIS)

    Google Scholar 

  • Naghizadeh P, Liu M (2017) Provision of public goods on networks: on existence, uniqueness, and centralities. IEEE Trans Netw Sci Eng 5(3):225–236

    Article  MathSciNet  Google Scholar 

  • Naghizadeh P, Liu M (2019) Using private and public assessments in security information sharing agreements. IEEE Trans Inf Forensics Secur: IEEE 15:1801–1814

    Google Scholar 

  • No WG, Vasarhelyi MA (2017) Cybersecurity and continuous assurance. J Emerg Technol Account. American Accounting Association 14(1):1–12

    Google Scholar 

  • O’Brien D (2017) Internet Security Threat Report-Ransomware 2017, Symantec

    Google Scholar 

  • Pal R, Golubchik L (2010) Analyzing self-defense investments in Internet security under cyber-insurance coverage. In: 2010 IEEE 30th international conference on Distributed computing systems, pp 339–347

    Google Scholar 

  • Pal R, Golubchik L, Psounis K, Hui P (2014) Will cyber-insurance improve network security? A market analysis. In: IEEE INFOCOM 2014-IEEE conference on Computer communications, pp 235–243

    Google Scholar 

  • Pal R, Golubchik L, Psounis K, Hui P (2017) Security pricing as enabler of cyber-insurance a first look at differentiated pricing markets. IEEE Trans Dependable Secure Comput 16(2):358–372

    Article  Google Scholar 

  • Pal R, Golubchik L, Psounis K, Bandyopadhyay T (2019) On robust estimates of correlated risk in cyber-insured it firms: a first look at optimal ai-based estimates under “small” data. ACM Trans Manag Inf Syst 10(3):1–8

    Article  Google Scholar 

  • Pal R, Psounis K, Crowcroft J, Kelly F, Hui P, Tarkoma S, Kumar A, Kelly J, Chatterjee A, Nag B (2020a) When are cyber-blackouts in IT-driven service networks likely?: a network oblivious theory for cyber (re)insurance feasibility. ACM Trans Manag Inf Syst 11(3):1–38

    Google Scholar 

  • Pal R, Huang Z, Yin X, Lototsky S, De S, Tarkoma S, Liu M, Crowcroft J, Sastry N (2020b) Aggregate cyber-risk management in the IoT age: Cautionary statistics for (Re) insurers and likes. IEEE Internet Things J

    Google Scholar 

  • Romanosky S, Ablon L, Kuehn A, Jones T (2019) Content analysis of cyber insurance policies: how do carriers price cyber risk? J Cybersecur 5(1):tyz002

    Article  Google Scholar 

  • Sarabi A, Liu M (2018) Characterizing the Internet host population using deep learning: a universal and lightweight numerical embedding. In: Proceedings of the Internet measurement conference 2018, pp 133–146

    Google Scholar 

  • Sarabi A, Naghizadeh P, Liu Y, Liu M (2016) Risky business: fine-grained data breach prediction using business profiles. J Cybersecur 2(1):15–28

    Article  Google Scholar 

  • Schwartz GA, Sastry SS (2014) Cyber-insurance framework for large scale interdependent networks. In: Proceedings of the 3rd international conference on High confidence networked systems, pp 145–154

    Google Scholar 

  • Securities, US and Exchange Commission and others (2011) CF disclosure guidance: Topic no. 2, cybersecurity. In: Division of Corporation Finance Securities and Exchange Commission, USA, vol. 13

    Google Scholar 

  • Shetty N, Schwartz G, Felegyhazi M, Walrand J (2010) Competitive cyber-insurance and Internet security. In: Economics of information security and privacy, pp 229–247

    Google Scholar 

  • Shetty S, McShane M, Zhang L, Kesan JP, Kamhoua CA, Kwiat K, Njilla LL (2018) Reducing informational disadvantages to improve cyber risk management. Geneva Pap Risk Insur Issues Pract 43(2):224–238

    Article  Google Scholar 

  • Tversky A, Kahneman D (1992) Advances in prospect theory: cumulative representation of uncertainty. J Risk Uncertain. Springer 5(4):297–323

    Article  Google Scholar 

  • Wang SS (2019) Integrated framework for information security investment and cyber insurance. Pac Basin Financ J 57:101173

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of EECS, University of Michigan Ann Arbor, Ann Arbor, MI, USA

    Ranjan Pal & Mingyan Liu

Authors
  1. Ranjan Pal
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mingyan Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ranjan Pal .

Editor information

Editors and Affiliations

  1. Center for Secure Information Systems, George Mason University, Fairfax, VA, VA, USA

    Sushil Jajodia

  2. University of Milan, Milan, Italy

    Pierangela Samarati

  3. Google Inc, New York, NY, USA

    Moti Yung

Section Editor information

  1. Dept. of Information Security and Communication Technology, Norwegian University of Science and Technology, Gjovik, Norway

    Sokratis Katsikas

  2. Norwegian University of Science and Technology, Gjovik, Norway

    Pankaj Pandey

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Science+Business Media LLC

About this entry

Check for updates. Verify currency and authenticity via CrossMark

Cite this entry

Pal, R., Liu, M. (2021). Cyber-Insurance Market. In: Jajodia, S., Samarati, P., Yung, M. (eds) Encyclopedia of Cryptography, Security and Privacy. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27739-9_1636-1

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-27739-9_1636-1

  • Received:

  • Accepted:

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-27739-9

  • Online ISBN: 978-3-642-27739-9

  • eBook Packages: Springer Reference Computer SciencesReference Module Computer Science and Engineering

Publish with us

Policies and ethics

Search

Navigation