Security Risk Models for Cyber Insurance
1st Edition
Published on 20. December 2020
172 pages
978-1-000-33616-0 (ISBN)
Description
Tackling the cybersecurity challenge is a matter of survival for society at large. Cyber attacks are rapidly increasing in sophistication and magnitude-and in their destructive potential. New threats emerge regularly, the last few years having seen a ransomware boom and distributed denial-of-service attacks leveraging the Internet of Things.
For organisations, the use of cybersecurity risk management is essential in order to manage these threats. Yet current frameworks have drawbacks which can lead to the suboptimal allocation of cybersecurity resources. Cyber insurance has been touted as part of the solution - based on the idea that insurers can incentivize companies to improve their cybersecurity by offering premium discounts - but cyber insurance levels remain limited. This is because companies have difficulty determining which cyber insurance products to purchase, and insurance companies struggle to accurately assess cyber risk and thus develop cyber insurance products.
To deal with these challenges, this volume presents new models for cybersecurity risk management, partly based on the use of cyber insurance. It contains:
A set of mathematical models for cybersecurity risk management, including (i) a model to assist companies in determining their optimal budget allocation between security products and cyber insurance and (ii) a model to assist insurers in designing cyber insurance products.
The models use adversarial risk analysis to account for the behavior of threat actors (as well as the behavior of companies and insurers).
To inform these models, we draw on psychological and behavioural economics studies of decision-making by individuals regarding cybersecurity and cyber insurance.
We also draw on organizational decision-making studies involving cybersecurity and cyber insurance.
Its theoretical and methodological findings will appeal to researchers across a wide range of cybersecurity-related disciplines including risk and decision analysis, analytics, technology management, actuarial sciences, behavioural sciences, and economics. The practical findings will help cybersecurity professionals and insurers enhance cybersecurity and cyber insurance, thus benefiting society as a whole.
This book grew out of a two-year European Union-funded project under Horizons 2020, called CYBECO (Supporting Cyber Insurance from a Behavioral Choice Perspective).
For organisations, the use of cybersecurity risk management is essential in order to manage these threats. Yet current frameworks have drawbacks which can lead to the suboptimal allocation of cybersecurity resources. Cyber insurance has been touted as part of the solution - based on the idea that insurers can incentivize companies to improve their cybersecurity by offering premium discounts - but cyber insurance levels remain limited. This is because companies have difficulty determining which cyber insurance products to purchase, and insurance companies struggle to accurately assess cyber risk and thus develop cyber insurance products.
To deal with these challenges, this volume presents new models for cybersecurity risk management, partly based on the use of cyber insurance. It contains:
A set of mathematical models for cybersecurity risk management, including (i) a model to assist companies in determining their optimal budget allocation between security products and cyber insurance and (ii) a model to assist insurers in designing cyber insurance products.
The models use adversarial risk analysis to account for the behavior of threat actors (as well as the behavior of companies and insurers).
To inform these models, we draw on psychological and behavioural economics studies of decision-making by individuals regarding cybersecurity and cyber insurance.
We also draw on organizational decision-making studies involving cybersecurity and cyber insurance.
Its theoretical and methodological findings will appeal to researchers across a wide range of cybersecurity-related disciplines including risk and decision analysis, analytics, technology management, actuarial sciences, behavioural sciences, and economics. The practical findings will help cybersecurity professionals and insurers enhance cybersecurity and cyber insurance, thus benefiting society as a whole.
This book grew out of a two-year European Union-funded project under Horizons 2020, called CYBECO (Supporting Cyber Insurance from a Behavioral Choice Perspective).
Reviews / Votes
"Cyber security is a multidisciplinary subject involving, IT, systems and security engineering. While in dealing with and protection against cyber risks other disciplines including decision and statistical analysis, psychology, risk management and insurance are also involved. This broad spectrum of fields of science is also reflected in the number of contributors to this edited collection of research findings. Originally a two-year research funded by the EU, the book covers in six chapters, cyber security research findings, simulated models as well as risk protection mechanism.Many challenging issues in cyber risks which are not generally well understood by many businesses are discussed in this volume. A novelty of this book is in discussing behavioural aspects of cyber risks in chapter three.
The methodology and modelling discussed in this book lends much to system and security engineering, decision analysis and risk management using flow charts [. . .]. This book is not a textbook written for any particular curriculum, but can be supplementary material for IT security, risk research and insurance applications."
- Series A, Statistics in Society, Royal Statistical Society
More details
Edition
1. Auflage
Language
English
Place of publication
London
United Kingdom
Publishing group
Taylor & Francis Ltd
Target group
Professional and scholarly
Illustrations
32 Tables, black and white; 29 Illustrations, black and white
ISBN-13
978-1-000-33616-0 (9781000336160)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
Additional editions
David Rios Insua | Caroline Baylon | Jose Vila
Security Risk Models for Cyber Insurance
Book
08/2022
1st Edition
Chapman & Hall/CRC
€71.20
Shipment within 15-20 days
David Rios Insua | Caroline Baylon | Jose Vila
Security Risk Models for Cyber Insurance
Book
12/2020
1st Edition
Chapman & Hall/CRC
€161.07
Shipment within 15-20 days
Persons
David Rios Insua is AXA-ICMAT Chair in Adversarial Risk Analysis and a Member of the Spanish Royal Academy of Sciences.
Caroline Baylon is Security Research and Innovation Lead at AXA and a Research Affiliate at the Centre for the Study of Existential Risk, University of Cambridge.
Jose Vila is Scientific Director at DevStat and Associate Professor of Behavioural Economics at the University of Valencia.
Caroline Baylon is Security Research and Innovation Lead at AXA and a Research Affiliate at the Centre for the Study of Existential Risk, University of Cambridge.
Jose Vila is Scientific Director at DevStat and Associate Professor of Behavioural Economics at the University of Valencia.
Content
1. Introduction
2. The Cybersecurity and Cyber Insurance Landscape
3. Behavioural Issues in Cybersecurity
4. Risk Management Models for Cyber Insurance
5. A Case Study in Cybersecurity Resource Allocation and Cyber Insurance
6. Conclusion
2. The Cybersecurity and Cyber Insurance Landscape
3. Behavioural Issues in Cybersecurity
4. Risk Management Models for Cyber Insurance
5. A Case Study in Cybersecurity Resource Allocation and Cyber Insurance
6. Conclusion
