Skip to Main content Skip to Navigation
Conference papers

Optimal Security Configuration for Cyber Insurance

Abstract : Losses due to cyber security incidents could be very significant for organisations. This fact forces managers to consider cyber security risks at the highest management level. Cyber risks are usually either mitigated by technical means (countermeasures) or transferred to another party (i.e., insurer). Both options require significant investments and organisations face the problem of optimal distribution of cyber security budget between these risk treatment options.In this paper, we propose an approach for optimal distribution of investments between self-protection and cyber insurance. The key difference of our paper with respect to others in the field is that our model helps to identify the required security controls, rather than implicitly assuming a relation between security investments, security configuration and expected probability of attack. Our approach exploits a discrete model of investment in self-protection, which is more challenging for analysis but is more realistic and convenient for the application. Our model further considers several threats and allows threats to occur more than once.
Document type :
Conference papers
Complete list of metadatas

Cited literature [23 references]  Display  Hide  Download

https://hal.inria.fr/hal-02023729
Contributor : Hal Ifip <>
Submitted on : Thursday, February 21, 2019 - 4:11:54 PM
Last modification on : Friday, August 23, 2019 - 11:02:03 AM
Long-term archiving on: : Wednesday, May 22, 2019 - 9:04:40 PM

File

 Restricted access
To satisfy the distribution rights of the publisher, the document is embargoed until : 2021-01-01

Please log in to resquest access to the document

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Fabio Martinelli, Ganbayar Uuganbayar, Artsiom Yautsiukhin. Optimal Security Configuration for Cyber Insurance. 33th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), Sep 2018, Poznan, Poland. pp.187-200, ⟨10.1007/978-3-319-99828-2_14⟩. ⟨hal-02023729⟩

Share

Metrics

Record views

60