Security Risk Models for Cyber Insurance

David Rios Insua editor Caroline Baylon editor Jose Vila editor

Format:Hardback

Publisher:Taylor & Francis Ltd

Published:21st Dec '20

Currently unavailable, and unfortunately no date known when it will be back

This hardback is available in another edition too:

Security Risk Models for Cyber Insurance cover

Tackling the cybersecurity challenge is a matter of survival for society at large. Cyber attacks are rapidly increasing in sophistication and magnitude—and in their destructive potential. New threats emerge regularly, the last few years having seen a ransomware boom and distributed denial-of-service attacks leveraging the Internet of Things.

For organisations, the use of cybersecurity risk management is essential in order to manage these threats. Yet current frameworks have drawbacks which can lead to the suboptimal allocation of cybersecurity resources. Cyber insurance has been touted as part of the solution – based on the idea that insurers can incentivize companies to improve their cybersecurity by offering premium discounts – but cyber insurance levels remain limited. This is because companies have difficulty determining which cyber insurance products to purchase, and insurance companies struggle to accurately assess cyber risk and thus develop cyber insurance products.

To deal with these challenges, this volume presents new models for cybersecurity risk management, partly based on the use of cyber insurance. It contains:

  • A set of mathematical models for cybersecurity risk management, including (i) a model to assist companies in determining their optimal budget allocation between security products and cyber insurance and (ii) a model to assist insurers in designing cyber insurance products.

  • The models use adversarial risk analysis to account for the behavior of threat actors (as well as the behavior of companies and insurers).

  • To inform these models, we draw on psychological and behavioural economics studies of decision-making by individuals regarding cybersecurity and cyber insurance.

  • We also draw on organizational decision-making studies involving cybersecurity and cyber insurance.

Its theoretical and methodological findings will appeal to researchers across a wide range of cybersecurity-related disciplines including risk and decision analysis, analytics, technology management, actuarial sciences, behavioural sciences, and economics. The practical findings will help cybersecurity professionals and insurers enhance cybersecurity and cyber insurance, thus benefiting society as a whole.

This book grew out of a two-year European Union-funded project under Horizons 2020, called CYBECO (Supporting Cyber Insurance from a Behavioral Choice Perspective).

"Cyber security is a multidisciplinary subject involving, IT, systems and security engineering. While in dealing with and protection against cyber risks other disciplines including decision and statistical analysis, psychology, risk management and insurance are also involved. This broad spectrum of fields of science is also reflected in the number of contributors to this edited collection of research findings. Originally a two-year research funded by the EU, the book covers in six chapters, cyber security research findings, simulated models as well as risk protection mechanism.

Many challenging issues in cyber risks which are not generally well understood by many businesses are discussed in this volume. A novelty of this book is in discussing behavioural aspects of cyber risks in chapter three.

The methodology and modelling discussed in this book lends much to system and security engineering, decision analysis and risk management using flow charts [. . .]. This book is not a textbook written for any particular curriculum, but can be supplementary material for IT security, risk research and insurance applications."
- Series A, Statistics in Society, Royal Statistical Society

ISBN: 9780367339494

Dimensions: unknown

Weight: 453g

172 pages